Accused Rogue Admin Terry Childs Makes His Case

angry tapir writes "He's been in jail for seven months now, but former San Francisco network administrator Terry Childs says he's going to keep fighting to prove he's innocent of computer crime charges. Childs was arrested on July 12, charged with disrupting the City of San Francisco's Wide Area Network during a tense standoff with management. Infoworld has also conducted an interview with Childs."

Something Important

Is this another 'Won't somebody think of the Childs?' story?

from the yeah-good-luck-with-that dept.

[u38cg]

Thanks for just blowing away presumption of innocence, Taco :-/

Re:from the yeah-good-luck-with-that dept.

[xouumalperxe]

I'd say it's more like blowing away the presumption of functional law enforcement where IT is concerned.

Re:from the yeah-good-luck-with-that dept.

Thanks for just blowing away presumption of innocence, Taco :-/

Guilt or innocence often has no relation to whether you are convicted of a crime or not.

Re:from the yeah-good-luck-with-that dept.

[HexOxide]

Wow, I never even noticed those little department subtitles on /. before... Are they new? Am I just blind? I know they've been on Tech Dirt for a long time, did /. copy TD? Or vice versa? Or did they botch copy the idea from elsewhere?

Re:from the yeah-good-luck-with-that dept.

Because too seldom is it asked, is our Childs learning?

Re:from the yeah-good-luck-with-that dept.

[u38cg]

Yep, they've been there since approximately forever.

Re:from the yeah-good-luck-with-that dept.

[HexOxide]

So did Tech Dirt copy Slashdot? Did they both copy someone else?

Re:from the yeah-good-luck-with-that dept.

Goddammit slashdot you're so fucked up these days

So don't come around here no more. Nobody's forcing you ... I hope?

i could have been a contender....

[gandhi_2]

I almost got frist psot but Terry changed my WPA key. ):

Re:i could have been a contender....

I almost got frist psot but Terry changed my WPA key. ):

No. You just mistyped it.

Spelling matters, especially for login and passwords.

Equal Protection?

[houstonbofh]

"He's been in jail for seven months now,...

I love our entire "Innocent until proven guilty" thing. Unless you are on the wrong side of the celebrity wagon. I bet Paris would be out by now...

Re:Equal Protection?

[PrescriptionWarning]

or possibly he couldn't make bail because he's not as filthy rich as Paris

Re:Equal Protection?

[poena.dare]

Apparently the city of SF is having a wee bit of a problem understanding exactly what a network admin does. I read TFA, the guy sounds sane.

Re:Equal Protection?

[internerdj]

By now? If she'd been in seven hours it would be amazing...

But more seriously wow. I had only heard about this in passing, and didn't know the details. What is an IT person supposed to do? They hire him to be in charge of the network and then ask him to hand out root passwords to anyone important in the city government. At my job they make us swear on everything holy to not give our passwords or pins to ANYONE and probably would have us shot as a penalty if they could get away with it, but even without those restrictions I'm not going to hand out my password to my boss, my boss's boss, or even the CEO of the company.

Re:Equal Protection?

[Lumpy]

It has NEVER been innocent until proven guilty. that fairy tale is simply read to the children to make them smile.

Every lawyer, and person that has even been exposed to the legal system knows. You're guilty, then you have to fight to prove your innocence.

Re:Equal Protection?

[houstonbofh]

Kinda the point... "Bail" should be equally difficult for different people.

Re:Equal Protection?

[pla]

but even without those restrictions I'm not going to hand out my password to my boss, my boss's boss, or even the CEO of the company.

I like my job, but preserving it comes pretty damned far behind "my freedom" in order of my priorities. Jail vs giving out the keys to the kingdom? "Would you like the portcullis up or down when you arrive, Mr. Barbarian?"

Anyone who chooses prison over a job doesn't count as "principled", they count as an idiot.

Re:Equal Protection?

[MightyYar]

Hey, Paris worked really really hard for all that money and she deserves a little break when it comes to doing hard time.

Re:Equal Protection?

[afidel]

If he's been in jail that long then he waived his right to a speedy trial and was unable to come up with the money for bail.

Re:Equal Protection?

[internerdj]

Giving out the passwords could also lead to jail time. My personal password ties my account to me personally. Apart from all the potential abuses of international trade laws that could happen from my personal email if someone else had access, what if any one of those people put child porn on a rival's computer because they now had the keys? What if it was my computer? These people were willing to not only charge him in court for doing his job but also threw him under the publicity bus too.

Re:Equal Protection?

[madcow_bg]

but even without those restrictions I'm not going to hand out my password to my
boss, my boss's boss, or even the CEO of the company.

I like my job, but preserving it comes pretty damned far behind "my freedom" in order of
my priorities. Jail vs giving out the keys to the kingdom? "Would you like the portcullis
up or down when you arrive, Mr. Barbarian?"

Anyone who chooses prison over a job doesn't count as "principled", they count as an idiot.

P and GP may be talking about the same thing. If I have assigned the keys to take care of the network, and more importantly am liable both morally and legally (morally is needed because of future employments, who knows), then it is plainly a good idea to keep them secret.

However, if my boss or my boss' boss or the CEO asks to have them and most importantly signs a paper that request them, by god, just give it to the man. By having the command in writing you are covered in case something wrong happens with those keys.

If no written order comes, how are they supposed to prove you denied them the request?

Re:Equal Protection?

[Onaga]

Why should it? Not everyone "earns" money the same way, but let's say an industrialist works hard to build up a small fortune. If he commits the same crime as some high school dropout, the industrialist should have his bail set 1000x higher as a punishment for being successful? Why not argue that the price of a milk should decrease Warren Buffet's money at relatively the same rate as a fry cook's money?

Someone's money earns them the right to have fancy cars and mansions. For better or worse, it also lets them afford bail and expensive lawyers. Don't punish people for their success... or the success of their family (Hilton).

</rand> ...err, I mean </rant>

Re:Equal Protection?

Nice try, but that analogy/rebuke doesn't really work. Bail is intended to make sure people show up for trial, so it has to be adjusted for the relative impact it will have on the accused.

Re:Equal Protection?

[jgtg32a]

You must be new here let me welcome you to Socialist America.

Re:Equal Protection?

[auric_dude]

I think you are wrong about Paris she would not be out by now rather I expect that she would be the first to go down.

Re:Equal Protection?

[chrispycreeme]

Someone's money earns them the right to have fancy cars and mansions. For better or worse, it also lets them afford bail and expensive lawyers. Don't punish people for their success... or the success of their family (Hilton).

Except that bail isn't meant to be punishment, it's meant to be a deterrent from fleeing the court. $1000 might be enough to induce a high school dropout working at 7-11 to return to court, the same amount wouldn't work on Bill Gates. It's bail not a fine, you get it back unless you skip town.

Re:Equal Protection?

[pla]

Giving out the passwords could also lead to jail time. My personal password ties my account to me personally.

It sounds like Childs had a pretty good clue about network administration - Meaning that he almost certainly didn't "run as root". He also had decent forewarning (most accounts describe this as ongoing for at least six months) that he could expect some bad mojo down the line, and could have taken appropriate steps to isolate his personal access from his professional access well in advance of the issue coming to a head.

Now, if I absolutely had to surrender my personal account, I'd simply change the password to "password" first, and ASAP bulk-email everyone in my address list to say that ownership of my account had changed hands and future contact from that account would not come from me.

Whether or not my employer owns "my" account, they sure as hell don't own my reputation.

Re:Equal Protection?

[HungryHobo]

While at the same time I've seen arguments that it's right that the rich and powerful tend to get more when they sue newspapers and radio stations for defamation because they're more valuable people... I mean their reputation is more valuable.

Lets go the whole hog!
one rule for the rich, one for the poor!
The lazy fuckers!
Probably all criminals anyway!

Hit someone while drunk driving? well since you're rich you're obviously more valuable to society, lets stack the odds in your favor so you don't go to jail!

Speeding? well sure if you make more money in the 20 minutes you save getting to work than it costs you to pay for your speeding ticket then that's perfectly fine!
It just makes economic sense for you to break the law then!

Crime isn't the same as milk or eggs. It's not a comodity. Fines are supposed to be punishment so if a fine is too small to be noticed by one person or so big as to not fit the crime for another then it's not justice. Fines relative to your wealth make perfect sense in that context.
If you get to avoid going to jail because of your daddies money then something is seriously messed up with your legal system.

Re:Equal Protection?

[erroneus]

It is a situation that defies what most people would do to be sure. This leads me to think that there is certainly a LOT more going on than we are able to know. I would guess that perhaps either he is trying to protect his own illegal activities or those of another or is trying to prevent something worse from happening to him at the hands of those above him.

But sometimes, you just have to accept that some people actually do things on principle. For example, a couple of years ago, I left my job because I refused to give up "evidence that could exonerate me." The short of it was that my office's IP address was reportedly being used to share Adobe software via bit torrent. While it was true that I used bit torrent, it was most assuredly not Adobe software. (I'm not completely innocent... there was pr0n involved... legal stuff but still) But there was no software infringement going on as far as I knew. But they wanted me to hand over my personal property for them, in another state, to examine for an undetermined amount of time in order to answer a BSA complaint. I simply packed up my gear and went home. I had much other personal data on my system and was unwilling to share it for any reason. They offered me no assurances of any kind and when I asked them "why would compliance be in my best interests?" they had no answer at all... only silence. Most people at the office agreed with my position.

In the end, I got a better job in fairly short time and no other consequences at all. I learned a lesson but it was not one "hard learned." Still, I was not going to just bend over and give up my personal property and data.

Re:Equal Protection?

[Jeremy+Erwin]

It should be equally reasonable. After all, the state hasn't proven anything.

Re:Equal Protection?

[Xiaran]

Exactly. The same principle is applied to taxation. At least it should be :)

Re:Equal Protection?

[Mr.+Slippery]

but let's say an industrialist works hard to build up a small fortune.

Well, in the real world fortunes are built by leaching off the hard work of others, but we'll pretend.

If he commits the same crime as some high school dropout, the industrialist should have his bail set 1000x higher as a punishment for being successful?

Bail is not a punishment, it's a surety of appearance at trial.

Someone with a metric fuckload of money is going to be more willing to write off a bail of, say, $10,000, and is also more a a flight risk, than an average joe.

(There's also the problem that bails are set so high for the average joe that he often has to pay a bail bondsman a fraction of the bail, rather than put up the whole amount and have it returned when he shows up in court. But that's another issue.)

Re:Equal Protection?

[Inda]

I've said similar on here in the past and not been modded up *grumpy*

It also stems from the fact that we don't lock up innocent people in the western world.

Re:Equal Protection?

[b4upoo]

We do have a messed up legal system that favors the rich. When it gets messed up enough usually there is a revolution.

Re:Equal Protection?

[corbettw]

My understanding of the case is they were asking for the router passwords, both login and enable (root). Not his personal passwords. There was no reason not to do so, the guy is an idiot and should've been fired on the spot. Letting him rot in jail for these past seven months is just overkill, though. They should let him go, it's not like he's likely to work in network security again, anyway.

Re:Equal Protection?

[MarkvW]

The presumption of innocence really works.

The presumption of innocence is a rule that applies to criminal trials. All it means (ALL it means) is that the jury cannot convict you unless they find beyond a reasonable doubt that you committed the charged crime. Juries take this very seriously. "Every lawyer" knows that. Juries can be stupid, sometimes, but they very often are stupid on behalf of the defendant. In other words, if they're not sure then they cut the defendant a break. "Every lawyer" who actually does trials knows that, too.

In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . .

Bail is a different issue. Judges have to assess danger to the community. Sometimes, people who can't make bail rot there before trial. Those people have a remedy, though. They can insist on a speedy trial. Most states have speedy trial rules just for that purpose.

Mr. Childs probably isn't pushing for a speedy trial because the State probably has a strong case against him and he wants to build an effective defense. Defense takes time and preparation. So, I guess that Mr. Childs is sitting in jail (1) because the judge thinks he's a danger to the community; (2) he can't make bail; and (3) he needs the time to prepare his complicated defense.

The presumption of innocence is not a fairy tale in the U.S. It is a plain reality.

Re:Equal Protection?

[I_Voter]

Onaga wrote:
[should bail be] .. set 1000x higher as a punishment for being successful?
----

Is it a Freudian slip that you used the word successful as opposed to the word productive?

I_Voter

Can an invisible hand pick your pocket?

Re:Equal Protection?

[Onaga]

The quote that I have issue with is: "or possibly he couldn't make bail because he's not as filthy rich as Paris"

So it's not an issue of making it "as difficult." Some people simply can't afford bail. Rich people tend to afford bail. If you make it high enough that they can't afford it, then there's no point to it. So we're still back to poor people can't afford bail and you can't raise bail high enough where rich people can't afford it. The only other thing one could say is that bail should be lowered for poorer people to a point where it is affordable for everyone. Yes we can.

Re:Equal Protection?

[Curtman]

let me welcome you to Socialist America.

Hey, hey now. It's called "Canada", not "Socialist America".

Re:Equal Protection?

The request in writing, BINGO, BINGO, that my friends is the begin and end of this. Or it should have been. If I was the guy and some city bigshot signed this form that covered my ass, I would have handed the stuff over.

If the dumbass breaks the network, I'm covered and in all likelyhood I change the password after a week, or a month, whatever just to get back my piece of mind.

Re:Equal Protection?

Thanks to you, I have chosen to RTFA. I only do it once in a week or two, so this one better be worth my time... >:[

Re:Equal Protection?

[Mr.+Droopy+Drawers]

Why should it apply to taxation? Taxes are not a social program. It's designed to pay for government.

Oh, and bail is refunded if you show up for court.

Re:Equal Protection?

[aaarrrgggh]

How do you balance this individual need against an organizations's need for continuity of operations in the event of your death or incapacity to perform work? There needs to be some sort of business continuity procedure in place that lists all root passwords (ideally highly compartmentalized). Who is the backup person, and how do you control their access.

With most data centers, the solution at a physical level is to go to a secured, automated key cabinet that requires authentication and manages check-in and check-out of any keys for emergency use.

With most public buildings, the solution is to have a master key that just about anybody that thinks they are sufficiently important enough will have a copy of. (While I was in school I had a key that would provide full access to all buildings, offices, steam tunnels, and I believe the Chancellor's office-- as an engineering aide!)

Re:Equal Protection?

[ITJC68]

This makes perfect sense!!! Instead of a static fine make it a percentage of your year gross wages!! That way it is fair right?!? The only issue could become that some cities where these celebrities live would purposely look for them so they could get more money. It would be similar to a police cruiser looking for speeders and picking out only the most expensive cars because it would be more likely for them to get more money for the ticket. I know it seems far fetched now but don't put it past some departments or cities. My 2 and half cents.

Re:Equal Protection?

[Chris+Mattern]

I like my job, but preserving it comes pretty damned far behind "my freedom" in order of my priorities. Jail vs giving out the keys to the kingdom? "Would you like the portcullis up or down when you arrive, Mr. Barbarian?"

"I have no gate key."

"Fezzik, tear his arms off."

"Oh, you mean THIS gate key!"

Re:Equal Protection?

Great system, lose your rights if you can't pay up.

I can see the possible opportunities:
'For a fee of $39.95 a month you can be eligible for 5th Ammendment rights. Call now and we'll offer the first month FREE!'

Re:Equal Protection?

[hairyfeet]

I think an example that has been in the news a lot lately would be wholly appropriate and would help illustrate your point: Bernie "I stole 50 billon!" Madoff. Is there anyone who thinks that if that electronic lease was taken off him and he was given 10 million in bail instead that we would ever see old Bernie again? Nope, me neither.

The point of bail is NOT to tax or to punish but to CONTROL. We want you to go to trial. We give you an economic incentive to show up by taking some of your money. But if we let the rich pay what would essentially be the change in their pocket then there is NO economic incentive for them to bother showing up, now is there? And on the flip side by cranking up the bail way beyond the economic incentive barrier you have turned "innocent until proven guilty" into "guilty until somebody takes pity on your or your trial is over" since you are going to rot in jail. That is why many of us have a problem with the way bail is being treated today.

Of course it is just a symptom of the larger cancer that has eaten its way deep into our system, where those with money are allowed to freely bribe.....er lobby their way into and out of anything they want with impunity. But that is for another day. But I am sure they could find a bail number that would provide economic incentive while still letting this guy be with his family. Of course he pissed off city officials so they are most likely using bail as a punishment against the foolish serf.

Re:Equal Protection?

[Creepy+Crawler]

---Well, in the real world fortunes are built by leaching off the hard work of others, but we'll pretend.

Not that I disagree with the sentiment, but I cant see how that's factually true in many contexts.

1. My dad was doing stuff (cant exactly detail what though) with miners. Those miners were getting paid up to 400K/yr because how good they were. They were creating base wealth - not screwing over people.

2. I know a guy who's in charge of foreman over a big pipe project from the midwest to Nevada(? somwehere in that direction). There's a big cost in installation, but that enables trade for cheaper good, because it was cheaper to install a pipe than shipping other means. And large amount sof personnel were required to make the pipeline spanning thousands of miles.

3. Anybody who's a farmer, except for those god-awful megafarmers, puts in base resource in the system which wasnt there prior to that (Well, hay is cheap compared to steak).

4. Nearly any computer programmer takes food, caffeine, and electricity to make code. That code wasnt there prior to that.

So yeah, there's jobs that one can own that add to the salable goods pool, and not take away from specific groups of people.

Re:Equal Protection?

[A+nonymous+Coward]

Oh, and bail is refunded if you show up for court.

"The law, in its majestic equality, forbids the rich as well as the poor to beg in the streets, steal bread, or sleep under a bridge." -- Anatole France

So very useful, to know that if you could only have borrowed a frightful sum of money many times your yearly income, they would let you have it back years later after the wheels of Justice have ground ever so slowly.

Here we have a classic example of how the law screws the less than wealthy. This guy is thrown in jail at taxpayer expense when an ankle bracelet would have been good enough to keep track of him. He also has no income and gets deeper and deeper into debt.

He is being punished for being charged with a crime, not for being guilty.

Is the government going to pay him for lost wages if he is found innocent? Will they keep up mortgage payments while he is in jail before the trial?

I kinda fucking doubt it. You show me the justice.

Re:Equal Protection?

The problem, if I may say so, is the fact that the USA have an adversarial legal system: specifically, the prosecutor and the police are not interested in finding out the TRUTH, they are interested in making sure you're found GUILTY, no matter whether you ACTUALLY are or not.

Change this, and things will change for the better, although it'll also require you to slaughter certain holy cows, like the notion that everyone, from judges to prosecutors to police chiefs, should be elected by the people.

Re:Equal Protection?

[mtrachtenberg]

Not only does the guy sound sane, it sounds as though he's got grounds to sue the folks who are trying to prosecute him. TFA suggests these incompetents were upset to find (1) a modem that had been in the admin's office since before he started working there, and (2) a modem set up to page him on any problems, and (3) a modem set up to handle emergencies.

Obviously, this was not handled well by either side, but I'm inclined to believe the guy in jail over the clearly incompetent managers.

Re:Equal Protection?

[Nathrael]

I agree with you that people should not be punished for their success. However, people should *not* be treated special because their relatives worked hard. People should be given the same chance to succeed but also the same chance to fail, purely based on their abilities but not on their family. Disclaimer: I'm a neoliberal and usually oppose govt interference in economies.

Re:Equal Protection?

[KevinIsOwn]

That quote is indeed stupid, since Paris was charged with a relatively minor offense in comparison to being charged with hijacking the network of a city government, so obviously her bail would be fairly easy to make, especially with her wealth.

However, the vast majority of people, poor or rich, can post bail through bail bonds, since in general, the vast majority of crimes don't involve people who are very likely to run away. And it's perfectly fine if a rich person is able to afford bail, the idea is that it is high enough so that they can't run away, despite their wealth. People even routinely post bail at amounts they can't afford through bail bondsmen, resulting in a huge incentive to show up to trial (they will have absolutely no money to run away with if they don't).

Re:Equal Protection?

[A+nonymous+Coward]

Handle bail like traffic fines in Finland, where they are a percentage of income.

The point of bail is not to make it impossible to be free while awaiting trial, but to make it a losing proposition to not show up. You apparently think that rich people should get out of jail and poor people should not. Is that because poor people have nothing to lose by skipping town and rich people have too much to lose, so bail is not really necesary?

Re:Equal Protection?

[Creepy+Crawler]

It's been socialist for a hell of a long time. Why?

Lets look at taxes. If you're a public corporation, you pay roughly 40-50% taxes per year. Hmm.. Wouldnt the tax payout be similar to OWNERSHIP of a company in terms of 40-50%?

Definition Socialism: any of various economic and political theories advocating collective or governmental ownership and administration of the means of production and distribution of goods --According to Merriam-Webster

By that account, we're half-way to socialism, and little to show for it when compared to more socialistic countries in Europe.

Re:Equal Protection?

[russotto]

However, the vast majority of people, poor or rich, can post bail through bail bonds, since in general, the vast majority of crimes don't involve people who are very likely to run away.

Bail in this case is $5,000,000. A bail bond would cost $500,000.

So much for the Eighth Amendment.

Re:Equal Protection?

[Zerth]

Considering the amount of kerfuffle about city governments arranging traffic laws to generate revenue, I'd be for them picking on the wealthy.

If they are going to be profiteering jerks, they might as well be efficient about it.

Although around here, all the sporty $30k+ cars are owned by people living in trailers, so that might not work out as an indicator of income. Maybe show their state tax records to the license check instead. Then I'd be safe:)

Re:Equal Protection?

Yes, he is more Marseilles Hilton all right.

Re:Equal Protection?

or possibly he couldn't make bail because he's not as filthy rich as Paris

That's hot!

Re:Equal Protection?

[radtea]

Hey, hey now. It's called "Canada", not "Socialist America".

Canada is somewhere in between a liberal democracy and a social democracy. Socialism is government ownership of the means of production, which Canada has less of than the US, particularly after the Bush national socialist spree.

Re:Equal Protection?

What is an IT person supposed to do? They hire him to be in charge of the network and then ask him to hand out root passwords to anyone important in the city government. At my job they make us swear on everything holy to not give our passwords or pins to ANYONE

Well, then your employer is pretty stupid. If you get hit by a bus, then your employer has a big problem.

Important IT passwords SHOULD be given to authorized representatives, and there should be more than one.

Now, you might argue about WHO those authorized representatives should be, and are they qualified. But even if they aren't qualified, they will be able to give those passwords to a qualified replacement when you get hit by a bus.

Re:Equal Protection?

[Vancorps]

Are you talking about Canada? Because the united states effective tax rate is no where near that high. I'm not sure where you got that impression either. Here's a source for you. And another and here which actually states the corporate tax rate as 35% for the upper end. Sorry, that doesn't sound very socialist. It's definitely on the upper end of world wide tax rates but dictatorships, communist countries, and the rest all seem to do roughly the same.

Also I fail to see how even tax rates on revenue relate to ownership in the company. You mean to say that all the money the government put into public works like roads, power, and telecomm shouldn't be compensated by the people that use it the most?

Re:Equal Protection?

[Lysdestic]

What do you think this is, The Register?

Re:Equal Protection?

[shadowofwind]

Oh, and bail is refunded if you show up for court.

Not necessarily. I was arrested on a completely made-up charge a couple of years ago, and at the end of it all they kept 10% of my bail for no other reason than profit. It wasn't very much money compared to what I spent defending myself, or having to change jobs because of what the arrest did to my security clearance, but it still pissed me off.

On TV, the cops always interview the accused, to try to ascertain if they've got the right guy. Not necessarily so in real life. Never once did a police officer or prosecutor ever talk to me or look at the copious evidence I gathered in my defense. As far as their interaction with me, the process consisted of them showing up at my door at night with cuffs, then finally dropping the charges on the morning of the jury trial when the prosecutor realized they didn't have anything.

Re:Equal Protection?

[ArsonSmith]

Well, perhaps people with part time jobs should have longer jail sentences because they have more free time than people with full time or full time + jobs.

Re:Equal Protection?

[spasm]

"Mr. Childs probably isn't pushing for a speedy trial because the State probably has a strong case against him and he wants to build an effective defense."

In the United States your defense lawyer will almost always recommend you waive the speedy trial right because a 'speedy trial' means 'within 45 days'; your defense lawyer has half a dozen other cases on her worklist at the same time, with court dates and so on already scheduled at the time she picked up your case. In order for her to put together *anything* resembling a coherent defense it's going to take more than 45 days. Unless you're so rich you can pay her to pass all her other cases off to other lawyers and work on nothing but your case for the next 45 days.

So if someone waives their constitutional right to a speedy trial, you still can't really say anything about how strong or weak the State's case is, just that he isn't rich enough to pay a lawyer to drop everything for 45 days.

Re:Equal Protection?

[deKernel]

However, the vast majority of people, poor or rich, can post bail through bail bonds, since in general, the vast majority of crimes don't involve people who are very likely to run away.

Bail in this case is $5,000,000. A bail bond would cost $500,000.

So much for the Eighth Amendment.

As the GP stated, the amount of bail is proportional to the severity of the charged crime and the risk of flight. The severity of the charge is quite high: the apparent hi-jacking of a government network.

Re:Equal Protection?

Hate to newb it up in here, but couldn't they have brought down one less-essential router briefly to do a ctrl-break and boot with whatever hex value it is to skip the config, then offline-attack the pass?

Re:Equal Protection?

[Vancorps]

It doesn't sound like you are involved in network administration if you have such strong opinions about router access which is not something everyone should have access to. There are definitely a few types of devices where it does no good to give higher ups access because the only thing they can do with it is screw it up.

City managers were clearly screwing up as they should have had to at least two admins and both of the admins would then have the login information available to them. Some random Joe should not be logging into my router anymore than I should be monkeying with a nuclear reactor. If you're not trained on the hardware then you shouldn't be working on it in a production environment.

Childs' reaction was definitely in the wrong so there is clearly wrong on both sides but his manager clearly wasn't handling security seriously and had no business asking of Childs' what he did. I don't give my boss my personal passwords either nor does anyone in the company get access to personal passwords as there is no need.

Re:Equal Protection?

[ElizabethGreene]

According to Mr. Childs, the passwords were requested by his skip-skip-level boss, 2 HR people, and an unknown number of people listening in via speakerphone in an unscheduled meeting he was pulled into while onsite at one of the office locations. A Police detective was also standing by.

I can only hope the true story of what happens here comes out eventually.. but that is unlikely.

-e.g.

Re:Equal Protection?

[Civil_Disobedient]

I take it you don't have a mortgage.

Or children.

Re:Equal Protection?

[doconnor]

I'm pretty sure taxes are, in part, a social program. That's why the rich are supposed to pay a higher rate then the poor, but get the same (or fewer) services. It's part of the transfer from the rich to the poor to keep the division between them from getting worse then it already is.

Re:Equal Protection?

[Drgnkght]

You are an idiot. I suppose his landlord (if he rents) is just going to waive his rent? His insurance company isn't going to want their money? The rest of the world doesn't care why he isn't working. He still has bills that will need to be paid. His lawyer is undoubtably sending him bills as well.

Re:Equal Protection?

[Jah-Wren+Ryel]

In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . .

Don't EVEN try to claim that bullshit. Anyone who has had any exposure whatsoever to criminal trial knows that the prosecutors threaten people with trumped up charges in order to intimidate them into accepting smaller charges for fear of getting a bad ruling on the trumped of charges. It's a game of chicken in which the prosecuctors drive tanks and the accused drive yugos and is wholly unfair to anyone who is actually innocent.

Re:Equal Protection?

[zstlaw]

Actually I have been a proponent of the opposite system of law for a while. Basically make punishments fit the financial impact of the crime.

Steal a loaf of bread? That is a fine. Get caught with $100 of weed is a ticket. (proposed as a law in MA) Caught embezzling a million dollars is death sentence.

Now let me explain the last part. Basically crimes should be judged against the impact to society. You kill a man then his family loses Avg Salary (45k - http://en.wikipedia.org/wiki/Household_income_in_the_United_States) * 20 years = 900k

Add in 30% as emotional damages and you get 1.2 million as the damage done to the family by killing the father. Now I argue that if you receive kickbacks or run a Ponzi scheme that loses 1.2 million you have done as much damage as if you walked out and killed a man on the street but the damage is distributed across more people.

Bernard L. Madoff destroyed people retirement funds. There are people who will be eating dogfood instead of hamburger. He has effectively killed 50,000 people with the damage he did to society. He should be tried and judged accordingly. Where this gets weird is the SF case, is this man responsible for shutting down the gov't? Is his crime millions of dollars in damage? At worst I think it woudl be 2 weeks salary of a competent admin resetting passwords on routers and systems. 30k should cover it. The problem here is his bosses understood nothing of the systems involed and he wasn't gonna fix things for them after being fired.

Re:Equal Protection?

[NFN_NLN]

He also has no income and gets deeper and deeper into debt.

Begging your pardon, but if he is sitting in jail, he also has no expenses.

That's not true, just because you're in jail doesn't mean you're exempt from say... your monthly Trollers Union dues.

Re:Equal Protection?

[AlecC]

The function of bail is to make it not worth the accused's while skipping town. The problem for very poor people is that if they have nothing, there is no reason for them not to skip town. Therefore it is quite likely that even moderate bail will be set to more than their net worth. For a rich man, a level of bail which he can afford (possibly just by depositing securities) may still, in the judgement of the court, be such that the cost of skipping town exceeds the cost of facing the charges in court.

It is not so much an intentional "letting the rich get away with it". It is the problem that if you don't physically lock them up, you have no hold over the very poor, or over the fairly poor for serious offences. If you can find another way of ensuring that someone who has no assets will turn up in court, I am sure "the system" would love to know.

Re:Equal Protection?

[Lumpy]

you walked into this one.....

"In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . ."

you know what, anything legal based is not free here unlike other countries where everyone is given free lawyers, free witnesses, free free free to defend yourself in court. a DECENT lawyer costs you $300.00 an hour, pay him up front. Public defenders are so overloaded they either half ass it or convince you that it's better to simply plead guilty. Court costs, Legal fees, plus if they want to make an example out of you (which happens a LOT), even the best lawyers wont save you. The Plaintiff in legal cases is the state and they have unlimited legal funds. They know they can easily outspend 90% of the people out there and Most dont even try to defend themselves because they dont even have $200.00 in their wallet, let alone the $1500.00-$10,000 it takes to defend yourself in a court. Lawyers will NOT dot his for free or payment plans, you gotta pre-pay them.

I'll take your statement IF you force all lawyers to not take any money until the end of trial, and if the person is innocent then the state has to pay 5X the lawyers fees to the lawyer.

that will NEVER happen because it would balance the scales of justice. Justice has a pile of cash on one side and if you dont have your own pile to balance it out, you are screwed if you ever get into the legal system.

Justice is blind, but she loves the smell of money.

Re:Equal Protection?

[radio4fan]

...the jury cannot convict you unless they find beyond a reasonable doubt that you committed the charged crime. Juries take this very seriously. "Every lawyer" knows that. Juries can be stupid, sometimes, but they very often are stupid on behalf of the defendant. In other words, if they're not sure then they cut the defendant a break. "Every lawyer" who actually does trials knows that, too.

Strange, because in my two experiences as a juror, the entire jury with the exception of me was of the opinion that "they arrested him and he's here so he must be guilty".

They were unwilling to even consider the evidence for the defence.

This was in the UK, not the US. Maybe it's different over your side of the pond, but I somehow doubt it.

I found it both depressing and frightening.

Re:Equal Protection?

[amclay]

Now I argue that if you receive kickbacks or run a Ponzi scheme that loses 1.2 million you have done as much damage as if you walked out and killed a man on the street but the damage is distributed across more people.

I argue that a human life is more than just the money involved.

Re:Equal Protection?

[weiserfireman]

I am currently an admin for a small company, but I have been an admin at a bank, and I am a CCNP.

I maintain a drop dead book of essential network information including root passwords for all servers and routers. My company never asked me to make it, I volunteered to make it, and we keep it in a safe that the CEO has the combination to. When I need to update something in it (rarely), He opens the safe, gives me the book, I update it, return it to him and he locks the safe.

Voluntarily doing this little thing strengthened the trust the Company has in me. They know that I place a priority on doing what is in the Company's best interest. This was demonstrated a couple years ago, the employees took out a loan and bought the company from the previous owner, making us a 100% employee owned company. I was asked to be the Chairman of the ESOP committee that oversees the Trust that holds all the company stock for the employees.

Re:Equal Protection?

While at the same time I've seen arguments that it's right that the rich and powerful tend to get more when they sue newspapers and radio stations for defamation because they're more valuable people... I mean their reputation is more valuable.

Lets go the whole hog!
one rule for the rich, one for the poor!
The lazy fuckers!
Probably all criminals anyway!

Hit someone while drunk driving? well since you're rich you're obviously more valuable to society, lets stack the odds in your favor so you don't go to jail!

Speeding? well sure if you make more money in the 20 minutes you save getting to work than it costs you to pay for your speeding ticket then that's perfectly fine!
It just makes economic sense for you to break the law then!

Crime isn't the same as milk or eggs. It's not a comodity. Fines are supposed to be punishment so if a fine is too small to be noticed by one person or so big as to not fit the crime for another then it's not justice. Fines relative to your wealth make perfect sense in that context.
If you get to avoid going to jail because of your daddies money then something is seriously messed up with your legal system.

The System is not perfect, But why is it wrong to born into money? If I commit a crime and dad wants to keep me outta jail until the trial, is anyone to blame for that.

We're not a perfect society, I don't think we'll ever have perfect rules. A society based on wealth of any kind, will always have the poor.

Re:Equal Protection?

[MarkvW]

I was using "strong" in a relative sense: In the sense that the prosecutor has a strong enough presentation to overcome the defense's presentation as it stands right now. Right now the actual quality of each side's case is a mystery.

Re:Equal Protection?

[pla]

How do you balance this individual need against an organizations's need for continuity of operations in the event of your death or incapacity to perform work?

A well-defined procedure already exists to handle that possibility - You write all the root-like passwords on a card, possibly with some level of instructions on where and how to use them, seal it in an envelope signed across the flap, and deposit it in (on of) the company's safe deposit box(es).

If the "wrong" people have access to that, then a company has much bigger problems than mere network security.

As that concept applies in this particular instance - It sounds like Childs should never have had sole possession of the router passwords in the first place, so do we blame him or his superiors for that? And as for his "superiors", it sounds like the chain of command here remains very much in question, with only one person involved (other than Childs), his immediate boss, having any clear "right" to those passwords.

Re:Equal Protection?

[j0nb0y]

You mean to say that all the money the government put into public works like roads, power, and telecomm shouldn't be compensated by the people that use it the most?

If corporate taxes were based on the amount of government services consumed by corporations, then you might have a point. As is, the corporate tax rate is a simple tax on yearly profits. I suspect there is little correlation between taxes paid and services used. A corporation could use tons of government services and then not pay corporate taxes simply by failing to make a profit.

Re:Equal Protection?

[ArsonSmith]

In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . .

Maybe because the expense in lawyers the time off work for trial and the problems with being in court along with the chance that you may be wrongly found guilty anyway make it a much greater incentive to plea out, pay the fine and forget the whole mess.

Re:Equal Protection?

[Vancorps]

Given that most corporations don't pay any taxes you are correct in that they are not directly linked. You'll also note that I didn't state they were directly linked. That is just the rationale used to justify taxation of corporations and its pretty fair. Why should a billionaire pay an arse load of money to build a road millions will use when the millions can pay a small amount to accomplish the same task. Of course a billionaire benefits more from the road millions travel on because at least some of those people are working for him in turn generating more wealth.

It would be nice if we could just scrap the entire tax code and start over with something no longer than 10 pages. Then you could reduce the tax rates because there wouldn't be any loop-holes and everyone would be happier. Everyone except for tax lawyers and H&R Block type places.

Re:Equal Protection?

[DrgnDancer]

You're completely missing the point of "bail". It's not a punishment, it's a prod; a goad intended to ensure your appearance in court. You get it back at the conclusion of your trial regardless of whether or not you are found guilty. Other fines may be assessed if you are found guilty, and they may be equal to or even greater than the "bail" you paid, but you get that money back regardless.

So let us assume two men, one a high school drop out with (for all intents and purposes) no money, the other an industrialist with a few million in liquid or near liquid assets. Both men are accused of a white collar crime (we'll say the same crime for the sake of argument), both men given a one hundred thousand dollar bail. The broke man is either going to rot in jail or have to take out a short term loan (normally a "Bail bond") which is co-signed by some family member or (really good) friend. The person either CAN'T miss their court date (because they're being driven there by the cops), or has a strong motivator to be there. They don't want to hurt their family or friend or lose whatever collateral they put up for the loan. The industrialist on the other hand has put up a small fraction of his liquid assets. If he is guilty (or innocent but he feels the case against him is very strong), his motivation for sticking around is pretty slim. He could just up and leave, abandoning his money. To make matter worse, because the bail was only 2-3% of his available capital, he now has plenty of resources available to him for his fugitive run. Another 2-3 hundred grand and he has an untraceable fake passport, and a trip to somewhere tropical that we don't have an extradition treaty with.

Not worth it for something that may result in a year or two of jail maybe, but what about 5 or 6 years of jail? That's why bail amounts are adjusted based on both the seriousness of the crime and the resources available to the defendant (or should be), it's supposed to hurt if you break bail. Fines are a completely different argument. In that case I agree that basing them on income is unfair, but bail is always supposed to be enough to make running for it a less attractive option than facing trial.

Re:Equal Protection?

[multiOSfreak]

It also stems from the fact that we don't lock up innocent people in the western world.

Say what?

Given that in America, at least, the *ideal* is to hold all charged with a crime as innocent until otherwise proven guilty, how would you explain the situation at Gitmo? There are people who have been incarcerated there for years now without even being *charged* with a crime, never mind having had even a bullshit kangaroo-court trial.

I'm a believer in habeas corpus: either put up, or shut up.

Re:Equal Protection?

[sjames]

the industrialist should have his bail set 1000x higher as a punishment for being successful?

Actually, yes! A bond (bail) that you put up is supposed to be enough to make sure you'd rather show up for trial than forfeit the money. For some people, $100,000 requires them to mortgage everything they own, for others, it's pocket change that they won't even notice if it disappears. Few people would go to trial just to avoid the loss of a little pocket change.

Note that very wealthy people in general ALSO have a much greater ability to get out of the country and set themselves up comfortably somewhere with no extradition than the rest of us. Easier flight from justice increases the flight risk.

Re:Equal Protection?

[sjames]

I wouldn't be so sure. In Atlanta about a year ago, the Superior court set a lot of people free because they had been in jail awaiting trial for longer than the maximum sentence for their offense (presuming that they were found guilty). None of them had waived their right to a speedy trial.

Naturally, since they obviously had no money, they didn't get any compensation.

Put another way, these days the right to a speedy trial is a bad joke.

Re:Equal Protection?

[pyrr]

Incompetent managers? Isn't that a bit redundant?

I know in some places, people who are too stupid or inept to do their jobs are the ones who wind up with the management promotions, simply because it's almost impossible to fire anyone. Those who can do their jobs and do them well wind up staying where they're at, because things usually just get done. This is particularly the case in the public sector.

Re:Equal Protection?

I hope your whole post is sarcastic, because otherwise you are a filthy liar and a raging idiot.

My state's prisons are full of people who plead guilty. Do you know why they plead? It's not because they are guilty (certainly some are, and many aren't, but that's not at all the reason), it's because the prosecutor comes to them and says: "I already convinced a grand jury to vote true bill on these charges and you will be convicted for 30 years on all these charges." This person knows that this may be true, or at least fears it, "But," continues the prosecutor, "if you plead guilty to these lesser charges you'll only get 18-36 months."

Well, what do you think most poor people that can't afford their own lawyer do? They'd be insane to not take the plea, and that is why so few cases go to trial.

And if you think all grand juries are competent and great, my brother in law just served on one. The jury voted true bill on almost everything, including one guy that slept through many of the prosecuting attorney's presentations and woke up to vote true bill at the end of each. When questioned about this the fellow stated that the attorney wouldn't be there presenting anything if they guy wasn't guilty.

Yep, show up in court, you have a strike against you already just by sitting in that chair with many juries. Our prison population in the US proves it. Innocent until proven guilty is our social myth, just like "your vote [for president] counts!"

Re:Equal Protection?

Yeah, but if you've got nothing, you've got nothing to lose. Bail too low, and you're a flight risk. What do you care? If you're a poor kid from the ghetto, you're going to disappear. Some rich people, like Madoff, are flight risks because they'd also be willing to disappear. No amount of bail is appropriate - even if you take 90% of his wealth, he can live on the other 10 easily and it would be preferable to spending the rest of his life in jail. Someone like Paris Hilton can't just disappear, she has no existence outside of attention whoring.

Re:Equal Protection?

That's all nice and idealistic, but how do you plan on enforcing relative bail?

Look at someone's income?
Well, what happens when, like in Paris Hilton's case, the family is obscenely rich, not necessarily that one person (she is probably well off herself, but what about other kids that are rich from family but have no income or money to their own name?)

Okay, so let's base it on the entire family income. Well, what if someone's family isn't independently wealthy, but their best friend is and will post their bail. So now do we include all friends? How do you determine a friend?

And even if we said to base it on the income of the person and their immedite family, what if the person happens to have a filthy rich dad who he is not on good terms with - dad definitely won't help with bail, but we would have to use his income to set the amount, essentially pricing the guy out of bail because he has a wealthy relative that he isn't on good terms with.

So how do you suppose you enforce this idea of bail relative to their willingness and ability to pay?

Of course, it is WAY easier to sit on slashdot and rip the rules that exist without a single alternative than it is to actually try and propose a better solution, so by all means - keep doing that.

Re:Equal Protection?

[osu-neko]

Why should it apply to taxation? Taxes are not a social program. It's designed to pay for government.

And insurance premiums are designed to pay for insurance. They are, nevertheless, adjusted to the value of what's being insured. It would be silly to suggest every person pay a fixed amount for their home insurance when some people own much more expensive homes.

Why would the same principle not apply to government? We all need to pay for the army, police, and such to continue to have all that we have, not only our insured homes but our lives, our livelihoods, and ultimately are civilization. It be bizarre to suggest that when your assets are worth $10 million and mine are with $10 thousand we should be paying the same fixed amount to protect them. If your livelihood amounts to a $500,000/yr salary and mine is a $50,000/yr salary, should be paying an equal fixed amount for its protection, or should we be paying proportionally?

Your insurance company would laugh you out of the office, but for some reason, you think your government shouldn't?

Re:Equal Protection?

[Kool+Moe]

If you believe the 'Rich' use the same or fewer government services and benefits than the 'Poor', well, I suggest you keep researching the issue.
KM

Re:Equal Protection?

[Curtman]

<insert obligatory whooshing sound here>

But anyway, I heat my home with natural gas supplied by the government owned distributor, power my devices with power from the government owned electrical utility. Until about 10 years ago I had telephone service from the government telephone company, and bought gas for my car from "Petro Canada", the federal government's own retail gas chain (which they since sold off and privatised). Private hospitals are illegal here, you have to go to the government run free hospital unless you cross the border and have money to burn.

Maybe we're in a grey area somewhere outside of socialism, but most of us see those policies as being socialist, and most of us support them. If you even mention allowing private hospitals here in a public place you're bound to have a mob of people loudly tell you otherwise.

Re:Equal Protection?

[LVSlushdat]

> By that account, we're half-way to socialism, and >little to show for it when compared to more >socialistic countries in Europe.

And with Comrade Obama and his Democrat... err Socialist friends in CONgress, we've gonna soon be ALL the way to socialism...

Re:Equal Protection?

[Savantissimo]

I agree. I'd set the bar a little more strictly to be sure we're talking about real money and fiduciary or professional duty, though - otherwise we'll get the RIAA seeking the death penalty for having a few dozen songs offered for share. And I'd also note that execution is usually wasteful. The 13th amendment didn't actually outlaw slavery, in fact it specifically authorized slavery "as a punishment for crime whereof the party shall have been duly convicted". So I'd award the victims ownership of the con-men, plus the money that would have been spent on the perps' incarceration.

Re:Equal Protection?

You are CITING Huffingtonpost and thinkprogress as unbiased sources when it comes to taxation? That is a big a joke as citing Fox News or World Net Daily when discussing whether or not Obama is a socialist.

Re:Equal Protection?

[corbettw]

It doesn't sound like you are involved in network administration if you have such strong opinions about router access which is not something everyone should have access to.

I'm a sysadmin, not a network engineer. But the concepts are the same regarding root passwords: you don't own them, your employer does. And whether your boss is right or wrong to ask for them is immaterial, he's your boss, you hand them over when asked.

You can disagree with me, or disagree with the guy who was fired and then arrested for following the course of action you propose. Which makes more sense?

Re:Equal Protection?

[MightyMartian]

But more seriously wow. I had only heard about this in passing, and didn't know the details. What is an IT person supposed to do? They hire him to be in charge of the network and then ask him to hand out root passwords to anyone important in the city government. At my job they make us swear on everything holy to not give our passwords or pins to ANYONE and probably would have us shot as a penalty if they could get away with it, but even without those restrictions I'm not going to hand out my password to my boss, my boss's boss, or even the CEO of the company.

I think a lot of it would depend upon your company's policies. If it's clearly laid out that for you turn over highly sensitive information like root passwords, there has to be some official requests/paperwork/records (which is the way it should be, though I've never worked with such a policy clearly stated), then you're right. However, if you're like a lot of us, without such a formalized process, then it becomes more problematic.

If my boss (who is co-owner in the business), right now, showed up at my door and demanded the root passwords to our critical VPN and file servers, well, I doubt very much I would have a legal leg to stand on in denying the request. What I would do at that point is ask that a waver been drawn up and signed by both of us with a witness clearly stating my concerns at the release of such information, so if the shit hit the fan, it wouldn't be my ass.

If my boss were just a manager at some level, then I would pretty much require someone much higher up okayed the request, and again, I would want a waver making my concerns and/or objections known.

Of course, if the person demanding it is, say, the Mayor, and I was head of the city's IT department, then I doubt very much I would have a legal leg to stand on, and going as far as Childs did is just inviting a legal catastrophe for which I suspect he has only begun to feel the pain from.

One thing it does drive home, and one thing I am going to discuss with my boss is a clear policy on who, when and how critical security information can be released. It really is for both my benefit and the benefit of my employer.

Re:Equal Protection?

I know what you mean, but it is in fact logically impossible to prove your innocence. Prove, for example, that you didn't order the WTC blown up by scratching your nose as you left for work on Sept 10.

Re:Equal Protection?

[sudotron]

I'm in the US, but I've always wanted to serve on a jury (I never will, seeing as a I have a record, but it's a nice thought). It would give me the opportunity to attempt to do what juries need to do far more often than they do--nullify. Seriously, the war on drugs would be over right now if more juries simply nullified cases (similar verdicts happened frequently during alcohol prohibition) and showed the government that We the People do not want to convict people for victimless crimes. Hell, I'd probably try to get almost any charge nullified simply on the basis that the punishment is disproportionate to the crime. The U.S. has some of the harshest sentencing guidelines in the civilized world, and look at what its gotten us. No remarkable drop in crime rates, and the highest incarcerated population in the world.

Re:Equal Protection?

[Vancorps]

Childs didn't go to jail because he didn't hand over the passwords, he went to jail for causing disruptions in service by setting traps like not committing router configs to startup memory.

There were a number of other things he did to land him in jail but withholding the passwords is not a crime. He was under no legal obligation to hand over information that he himself created and did not agree before the project began that all data belonged to the city which is not to say that it belong to his immediate boss. There are a number of circumstances that arise where you do not give your immediate boss the information needed because he will do something malicious with it. You can choose not to give him the passwords and file a notice with upper management. The risk is losing your job, not landing in jail.

As for the risk assessment in your idea of what you should do and mine is that I place my resume at higher value than some middle managers will. If I have an extreme failure causing a public outage then my resume is ruined for life. If I resign over not wanting to give up sensitive information to people that will not handle the information correctly then I have re-enforced my resume with the next company which is going to see that you are following good corporate policy that is less likely to end up in litigation.

Typically in these scenarios accounting gets the list of sensitive passwords to store in a safe with the rest of the sensitive financial documents. This is not the job of an IT manager who clearly had no idea what IT was.

Re:Equal Protection?

[legirons]

Hit someone while drunk driving? well since you're rich you're obviously more valuable to society, lets stack the odds in your favor so you don't go to jail!

This (scroll down to July 25) is a story about a famous footballer in the UK receiving a caution for something which would result in a normal person going to jail.

The case never even appeared before a judge, because the UK police are now trusted to do what used to be judiciary work themselves.

Re:Equal Protection?

[CAIMLAS]

Yep. He has, at this point, essentially been ruined whether he gets off or not. This is not only due to this specific line of work - security and IT - but because he lives in a modern society where you can not simply change identities at whim.

One, two hundred years ago, it was possible to simply leave town and start over. Not anymore. You can travel across the world and you will still have to identify yourself as yourself, unless you want to fly under the radar. Today, simply being tried - and sometimes even accused - of a crime is enough to ruin someone's life, irrevocably.

What is Childs going to do, if he were to get out? Even if he were to change his name and fib work history for the past year+, the background check would show otherwise. If he were honest, there'd still be the stigma of wrongdoing associated with him, and he'd be fucked by HR.

Hell, we don't even rely on vetting people through association or demonstration of competence anymore. It's all a matter of whether or not you can pass a background check, and whether your credit and

Good luck to Childs if he's innocent. He's going to need it: he'll never work in his field of choice again (or any field which requires responsibility), and he'll need every bit of help he can get in suing his state's government to get a damages settlement. A reasonable settlement would be, what, $2.5 million for working in his field for the next 25 years?

Re:Equal Protection?

[Cormacus]

We don't have a justice system, we have a punishment system. Its been that way for a while.

Re:Equal Protection?

[TheReaperD]

Bail in this case is $5,000,000. A bail bond would cost $500,000.

So much for the Eighth Amendment.

As the GP stated, the amount of bail is proportional to the severity of the charged crime and the risk of flight. The severity of the charge is quite high: the apparent hi-jacking of a government network.

Severity of crime?! You're kidding right?

Most people accused of murder have lower bail amounts. San Fransisco county's own guidelines for bail recommend only $1 million for most murder cases.

So, you're trying to tell me that holding the passwords up for a government network is 5 times worse then killing someone? (Since flight risk does not seem to be a factor in this case as he wants to fight the charges.)

Re:Equal Protection?

[dave562]

Completely off topic, but the celebrity wagon has gone to an entirely new level. I'm attaching a link below. I became aware of the situation a couple of weeks ago when my girlfriend was watching MTV. In short, a rapper got caught in a FEDERAL sting operation trying to buy FULLY AUTOMATIC WEAPONS and SILENCERS. Any normal person would be in jail for a LONG TIME after pulling something like that. This rapper is getting out with 1000 hours of community service. It's bullshit.

http://www.ajc.com/metro/content/metro/atlanta/stories/2008/03/27/ti_0328.html?cxntlid=homepage_tab_newstab

Re:Equal Protection?

If my boss were just a manager at some level, then I would pretty much require someone much higher up okayed the request, and again, I would want a waver making my concerns and/or objections known.

If I were you, I'd make sure I got a waiver too.

I'm not sure what legal protection a robot that transforms into a boat is, but it does sounds like a cool thing to have.

Re:Equal Protection?

[Hork_Monkey]

That's a romantic idea, but it's not realistic or functional in today's world.

Did you know that your insurance company has an exact dollar figure on what your life is worth? Go talk to an actuary some time, and it's scary to think about how everything is trivialized into dollar amounts.

It's pretty transparent in normal life, but everything is considered a liability behind the scenes. It really only becomes apparent during lawsuits, insurance claims, medical care, etc.

Re:Equal Protection?

I run as root, kill as root, and live as root.

You don't mind if I do all my work in your home directory, do you?

Re:Equal Protection?

[catman]

Yep. In my last gig, if I had given away root passwords to anyone not on a very short list, where I knew everyone personally, armed guards would have escorted me out of the building. (In my country, those guards are the only non-police, non-military guards that carry sidearms.)

Re:Equal Protection?

[radtea]

insert obligatory whooshing sound here

Yeah, I heard the whooshing sound--I'm just reflexively correcting ignorant Americans these days about the use of the word "socialism", which has been watered down to the point where it means almost nothing beyond a generic slur.

I think you'll find most Canadians know what socialism is, and know that we have less of it now than any time in the past several decades. The very examples you cite require reaching back a decade or more and don't have much to do with contemporary Canada.

Here in Ontario OPG is no longer strictly government owned, and the Canada Health Act doesn't actually ban private hospitals, it just makes most of them uneconomical. Private hospitals do exist, and are likely to become more common in the future as Canadians get increasingly fed up with being told what they can and cannot do by self-righteous hypocrites like Jack Layton, who got his hernia repaired at Shouldice, a private hospital in Toronto.

Canada is a social/liberal democracy. It is not socialist in the meaning of the term that has been, until recently at least, widely accepted.

Re:Equal Protection?

[rgviza]

You mistake the original intent of taxes, with the current use of taxes. It's a common mistake for democrats.

And bail is not a social program. You got it backwards. Don't worry, we forgive you. Bail is supposed to be set by the potential danger posed to the community by the perp and the severity of the crime. Since this guy isn't likely to get his job back, this is 0 risk. He also didn't do any damage.

And the fact that bail is refunded when you show up doesn't help you if you can't produce the funds when you need the bail ;)

This guy is getting screwed by people simply because they are pissed off. It's pretty unprofessional of the prosecutor and judge to set bail that high. You could be a cop charged with murder and get and get a lower bail, like this guy http://www3.signonsandiego.com/stories/2009/feb/06/ca-train-station-shooting-020609/?zIndex=49309.

That's also a betrayal of trust. Murderers routinely get $1m bails.

This guy is getting f**ked.

Re:Equal Protection?

Not necessarily. I was arrested on a completely made-up charge a couple of years ago, and at the end of it all they kept 10% of my bail for no other reason than profit. It wasn't very much money compared to what I spent defending myself, or having to change jobs because of what the arrest did to my security clearance, but it still pissed me off.

Did you actually supply the money for your bail, or did you pay a bail bondsman to supply your bail?

Re:Equal Protection?

[robinsoz]

Actually, this was largely the system of slavery allowed in the Old Testament. You harm somebody - you have to make restitution. If you didn't have enough money to make restitution, you could be sold as a slave and the money would be given to whoever you had harmed. In general - with some exceptions - the term of slavery was limited to 6 years. Keeping someone as a slave longer than 6 years in many cases (even for a crime) would be considered kidnapping - which carried the death sentence. Seems like a much better system than letting criminals sit around in jail. When people try to say the Bible justifies slavery as it was practiced in the United States, they are not reading their Bibles.

Re:Equal Protection?

[Kaenneth]

After waiting five years for a social security disability determination, one thing I want the govt. to fund better is courts and judges.

Don't need more cops, don't need more prisons... we do need faster decisions being made. This would unclog local jails, allow review of prior convictions where new evidence was found, bring closure to victims, reduce costs, and overall reduce the fear and uncertenty in peoples lives.

When I worked for the local county, I had opportunity to watch a few arraingments at the jail; minor misdemeaor defendants had a choice, plead guilty and be sentanced at arraingment, and about half the time just get a fine/time served/suspended time/costs; or go back to the overcrowded, 20 bed + 10 floor pad cells and wait up to 15 days for the next hearing... arguing your innocence is not an option at that time, as the judge told pretty much every defendant as they almost all started to defend themselves. Only the entry of a plea, and setting of bail or sentancing. That is, Guilty, and serve less time, or Not Guilty and serve more time/pay more money.

No misdemeanor case where the defendant can't make bail should take more than 3 govt. business days. Hell, it shouldn't take more than an hour. The cop that arrested you should take you to the courthouse/jail along with statements from any alleged victims, and give a copy of the materials to a defender and a prosecutor. The case could proceed right then most of the time; unless a party presents an argument for delay such as the victim is currently getting medical attension, and couldn't get a statement, defendant is too drunk/agitated to defend self at the moment, wants to hire a specific attorney, etc. That is the right to a speedy trial is automatic, any delays are exceptions that may be argued; any consistant delays (such as as insufficent staffing delaying every single case) should be corrected, such as by hiring sufficent staff. If the consistant delays are not corrected, then let random defendants go until they are. the prosecutors will quickly focus on the important cases, and drop trivial charges.

Speedy felonies are not gonna happen, it's too big a decision to make lightly. but unclogging the courtrooms and jails would help the overall situation.

Re:Equal Protection?

[stephanruby]

The presumption of innocence is a rule that applies to criminal trials. All it means (ALL it means) is that the jury cannot convict you unless they find beyond a reasonable doubt that you committed the charged crime. Juries take this very seriously. "Every lawyer" knows that. Juries can be stupid, sometimes, but they very often are stupid on behalf of the defendant. In other words, if they're not sure then they cut the defendant a break. "Every lawyer" who actually does trials knows that, too.

Actually, research seems to contradict your findings.

For instance, when a confession gets thrown out by a judge, and the judge instructs the jury to disregard that specific confession, research found that when there is no other piece of evidence against the accused, such a confession is still effective enough to secure a conviction in a jury trial anywhere from 60 to 70% of the time (please forgive the round number, I do not actually remember the exact percentage).

In other words, your assumption that a jury, as a group, will listen very obediently to what a judge will tell them is very much mistaken. As a group, a jury will make up its own mind, and then its members (because they're not as stupid as you think) will know to keep the exact reasoning they used to themselves -- because they know that what they say could invalidate their decisions completely.

So if you ask me, this presumption of innocence does not work, and not because it's too lenient (well, it is too lenient to some extent for the people who already know how to play the system), but because the perceived protection that a court offers an accused seems so freaking high and at times so freaking unfair -- that when someone is accused -- the average jury member will try to counterbalance the perceived unfairness anyway he/she can.

In California for instance, another piece of evidence that the system is so warped, is that cops in training are taught at the academy *NOT* to read the Miranda rights to someone they really need a confession from. In other words, extracting a real confession out of someone is not easy, and it's far easier to make the person they arrest talk to them first, ask them a bunch of what-if scenarios, and then label whatever they say in response as a so-called "confession" -- this way -- since the confession is sure to be thrown out -- and since the defense lawyer can not cross-examine it (at the risk of getting it admitted officially into evidence)-- cops know that the so-called confessions they extract in this way will never be questioned afterwards, will never make it into the official court records, and yet will still have a pretty good likelihood of getting a solid conviction out of it.

So in other words, the system is indeed flawed, but your perception of the flaw is not helping -- it's only making the system more flawed than it already is -- because by assuming one extreme -- you're automatically taking the other extreme by default.

Re:Equal Protection?

[Arterion]

Because if you are successful, you are benefiting more from the system than others, therefore you should contribute more back to it.

Or from an ethical point of view, those who have more should help those who have less. The "success" of the rich is really all had on the backs of the poor, and it's always been that way.

Re:Equal Protection?

[CannedTurkey]

There are many stories in the military of unqualified or otherwise useless individuals being promoted. There are two primary reasons. First, as you said, because it's nearly impossible to have someone fired. Second, because the one thing that accompanies a promotion is a transfer.

Re:Equal Protection?

[Arterion]

Or rich people should have longer jail sentences because they're rich, and don't have to work at all!

Re:Equal Protection?

[Curtman]

I think you'll find most Canadians know what socialism is, and know that we have less of it now than any time in the past several decades. The very examples you cite require reaching back a decade or more and don't have much to do with contemporary Canada.

I don't know about that. The privatisation of MTS (The Manitoba Telephone System) was a huge deal when our provincial conservative government allowed it, people were furious. The current NDP government got in to power by forecasting doom and gloom about how the conservatives would privatise Manitoba Hydro (the gas and electric "company") as well. Neither one of them wants to do anything with our potential for generating hydroelectric power, but even the suggestion of privatisation gets people upset.

Re:Equal Protection?

[Arterion]

That depends: If you give the passwords to your boss, and your boss does something that fucks everything up, it CAN come back on you, even legally.

Plus, your job position on something like this might give you certain privileges in the organization that transcend your "boss". For example, certain privileges might have come from the highest levels of the organization, and thus require the highest levels to revoke -- not just someone in middle management.

Someone being your "boss" doesn't necessarily mean they have full authority over your job position. They might just be charged with managing you in a position that was created and empowered by higher-ups in the company.

Re:Equal Protection?

[Fluffeh]

or possibly he couldn't make bail because he's not as filthy rich as Paris

or possibly he couldn't make bail because he's not as filthy as Paris

There, fixed that for you.

Re:Equal Protection?

[Bourbonium]

To bring more local outrage to the case, bear in mind that the former BART police officer who shot and killed an unarmed man on New Years Day was slapped with only a $3 million bail amount, and was out of jail and back with his family within 24 hours after his bail hearing. And he was free to move around for about a month before he was finally arrested and charged with a crime. He's not rich by any means, but he was a police officer, so you can easily spot the double-standard here.

Terry Childs was arrested last July, immediately slapped with a $5 million bail, and has not yet been given a trial date (though he will have his first hearing on February 27). The asshat District Attorney didn't even know what crime to charge him with for weeks after his arrest, as she gathered evidence to make those charges (evidence which she then published, including the usernames and passwords of every SF City Employee who had a VPN account).

And how many innocent people did Terry Childs murder?

Re:Equal Protection?

[QuickSilver_999]

As a former bail bondsman, I can state 100% yes. Bail is intended to make someone show up. Therefore, there must be a way to stop the person from disappearing. If I have a millionaire and a homeless person both asking for bail, the millionaire is usually a better risk. Even if he runs, I can usually get my money from his possessions (he may flee with some, but houses are a stone bitch to move, so that at least is left behind, as well as his 3 or 4 extra cars, big screen TV, etc. etc.) On the other hand, the homeless man has nothing that keeps him in the town. It's fairly easy for him to pick up stakes and move south for the winder, losing me my money. He doesn't have any possessions that will be left behind for me to sell and recover my cash. He is a substantial risk.

Bail (at least from a bondsman) is an insurance policy. In fact, in my state, you had to be a licensed insurance agent to write bail. I wrote a policy to the court stating that if the person failed to show, I would pay the outrageous sums required. My "fee" was the premium for writing the policy, just like your auto or house insurance payment. If you don't have a fixed address and no job, try to get auto insurance. It's a little difficult isn't it? Especially if your credit is wacked.

I would write bail for a person like this, provided a co-signer could be found that perhaps owned property, definitely had a real job that would be a hassle to disappear from, had long standing ties to the community, etc. But the routine calls I would usually get saying "You gotta get my baby out of jail!" when they have no job, no property, no money. Sorry, not going to happen. Call when someone with something to lose wants to sign on the dotted line.

Bail is actually a public service, since those who provide the bail have removed a person from the jail, where they are eating government food, sleeping in a government bed, and peeing in a government pot, and puts them back out where they can earn a living and continue to pay taxes.

Re:Equal Protection?

[unix_geek_512]

What were you arrested for?

What geographical area?

Re:Equal Protection?

[corychristison]

If you even mention allowing private hospitals here in a public place you're bound to have a mob of people loudly tell you otherwise.

In Saskatchewan here. Same reaction.

I don't fucking understand it. I've been an advocate of a public/private system around here for some time. I've had various debates about it and people seem to think that public/private means they have to pay for services. Which is not so. A public/private system would basically allow private shops to open up and do their thing.

Boob jobs do not exist in this area (not sure about other provinces). If I wanted to go out and buy my wife a $90,000 pair of tits, I should be able to do so. But no. Unless you have breast cancer and loose a breast, an implant is not acquirable. Same goes for ANY plastic surgery. If people want to spend money on that crap, LET THEM. It would bring _more_ money into the health system. But people just don't seem to get it!

Maybe it's just because I live in Saskatchewan. People here are so fucking close-minded it sickens me. Only reason I am still here is my whole family is here and housing is cheap.

Re:Equal Protection?

[mabhatter654]

This is my big problem with the US system is that there is no "closure" involved. They "dropped" the charges at the trial date after disrupting your life for many months... and because they dropped them, they are free to do it again.

There should be compelling by the court to finish cases that are started. There should also be judgments on all the actors in play, at the same time. If they find a piece of evidence obtained illegally, or lawyer messed up, all the parties should have punishments at the sentencing. If the DA is wrong and you've sat in jail then the state should be compelled to "make it right" before you leave the court, not in some separate action.

Re:Equal Protection?

[Mista2]

To me it sound liek the incompetents in charge of him did not make sure the root passwords to critical systems were known by at least two people.

Re:Equal Protection?

[mabhatter654]

didn't he have several hundred thousand stashed in his apartment? They may have had to set the bail high enough he couldn't burn his cash and never show up. Because you only pay 10% they had to make the bail really high.

When they find him not guilty, they need to start hauling in his managers for filing false police reports and the prosecutor for negligence. Even the charges are at the fringe of the common application of the law in these matters. Prosecutors need to spend some quality time on the other side of the bars when they overreach.

Re:Equal Protection?

[Duhavid]

I presume you dealt with a bail bonds corporation?

They are a third party to the whole situation, and their product is getting you released from jail if the court allows this, and sets a bail amount. They don't know if you are guilty or innocent, the whole question is beyond their ken.

From that 10%, they pay an insurance company some percentage for standing as Surety. They also maintain staff to track you down in case you skip a court date. And the staff to run the office, and run down to the jail to post the documents that get you out.

Also, if it is a California bail bonds agency, they are required to charge 10% ( unless, as I understand it, you are represented by council, a member of the military, or a union, and can prove one of the preceding, in which case, they can charge 8% ).

Re:Equal Protection?

[Mista2]

Now if the engineer personally owned the routers and was paid to run them to provide services for the city, then he can definitely withhold the passwords, but if the city paid for the routers, and then hired him to manage them, the root passwords belong to the city, not the engineer. If a city official with the correct permissions asks for the passwords, then they are to be handed over. Anything else is just incompetence from the engineer.
Setting traps like no saved configs, again is incompetence form the engineer. Not having hte configs exported out and backed up, again incompetence.
Sound like the City stuffed up, had no clue and hired a dodgy engineer who also had no clue, or at best was just acting maliciously.

Re:Equal Protection?

[Mista2]

Or in the US -
criminal court: Murder - Not guilty
In civil court: pain and suffering to the family of the victim - guilty - pay 10 million

And I thought you couldnt be tried for the same crime twice. Oh well, only in America, land of the free.

Re:Equal Protection?

[Bourbonium]

It's not a mystery at all. Go read Venezia's blog posts on this topic going back to last summer, and pay special attention to the comments by people who worked with Childs in the past, who all vouch for his integrity and skills as an admin. One of the commenters was Childs' former Supervisor, who says everyone with a brain was leaving the department because they were sick of the Newsome's political appointees who were put in management positions and made it impossible to continue working there. All of the best and brightest had left by the spring of 2008. Childs was simply the last competent person left in the building, and when the newly appointed CIO demanded he turn over to her every password they used for every function in the Department. He refused, and she had him arrested. It was then that she discovered they had no Disaster Recovery Plan except the one that Childs had been developing on his own time (simply because no one else had any idea how to do it). Then Venezia began investigating the Department, found that the CIO had set up a Sharepoint site hosting highly confidential information that was publicly available to anyone in the world who wanted to see it. Then the D.A. posted the usernames and passwords of everyone in SF City Government who had a VPN account, submitting this document as "evidence" of Childs' mischief, and again, made this information public.

I think Childs has a solid case, and the City of San Francisco may have to pay out millions of dollars to compensate him for at least seven months (probably more) sitting in a stinking jail cell unable to make a living or pay his bills while they destroyed his reputation. In the end, I expect Kamala Harris will have to resign over this one case. She certainly won't be re-elected.

Re:Equal Protection?

[arekusu_ou]

Yeah who knows who she had to sleep with for the money. They deserve respect too.

Re:Equal Protection?

[russotto]

When they find him not guilty, they need to start hauling in his managers for filing false police reports and the prosecutor for negligence.

Don't be silly. They'll just keep delaying and piling on charges. Then they'll offer a plea bargain. He'll take it, because the alternative is rotting in jail for several MORE months, waiting for trial -- and possibly losing at the end because a jury is always a crapshoot.

Re:Equal Protection?

[A+nonymous+Coward]

I was not arguing homeless vs rich, only normal vs rich. It is ridiculous that Childs has spent 7 months in jail, no pay, expenses mounting. That is where the discrepancy lies. He is being punished for being neither rich nor stone broke.

Re:Equal Protection?

He may sound sane now but something was up with that situation and dollars to donuts it had as much or more to do with his behavior (aside from his raw technical chops) than anything else. Nothing else really adds up.

Putting aside any techy/IT collective bias against management and PHBs and our bias towards beleaguered admins, you don't just "oopsie" end up in a meeting with your bosses, HR, the police, and network/security consultants conferenced to get your passwords in if you're A-#1 Bestest Chap Evah and you shoot sunshine all over the place.

If, in that situation, you truly in your heart believed it would be irresponsible or unprofessional for you turn over your passwords, something is not right with your perception of reality. It's not like it's a room full of terrorists who are trying to get your passwords in order to bring about WWIII.

If you don't think an organization is going to put the screws to you if you jerk them around, waste their time, put their operation at risk, and publicly embarrass them, you have missed out on some important life lessons.

Do you know how bad a work situation has to get before management takes steps like this? Do you think they want to go through all that? And we're talking government here. Any gov workers out there? Jokes and bureaucratic bs aside, you know how hard it is to misbehave and/or underperform your way out of a gov't job as long as you don't cross the blatant HR lines?

I think as insulting as it may feel to walk into a meeting like that, it's actually wake-up call...it's your last window of opportunity to walk out of a situation with some dignity. Not just b/c it's good to "rise above" but b/c there are serious things at stake and blowing it is the very definition of self-destructive and self-sabotaging behavior. So grossly misunderstanding this situation and what is at stake doesn't speak well for one's judgement.

That kind of meeting is an organization's way of saying, "Hi. We're about to part ways. If you mess us around, we reserve the right to put the screws to you as much as possible." He clearly blew this last chance and opted for ""it's my network and you're all morons and i'm gonna show you how stupid you are."

When push comes to shove, he may not have been nefarious and they may be trying to paint him as such now.

The legal question is whether they crossed a line in putting the screws to him when he decided to be a jerk to his bosses and coworkers that one last time.

Re:Equal Protection?

[HornWumpus]

As a matter of historical fact that in America slaves were better taken care of then indentured servants.

A slave was a working asset. They were expensive. Only the rich owned slaves. They generally took some level of care of them.

An indentured servant was an expiring asset. You have a date certain when 'it' will not be yours anymore. When this date approaches you have an economic incentive to work 'it' harder and possibly stop feeding 'it'.

Re:Equal Protection?

that's not acting principle.

i'm not saying you didn't do the "right thing" but just b/c you didn't want to submit to examination that could have exonerated you doesn't automatically mean that you acted on principle.

you yourself said it...your concern is what was in your best interest. that's totally cool and totally responsible with regard to what you need to do and not even in any way bad or unethical or anything like that but it's not "acting on principle" (other than a principle of healthy self-interest)

Re:Equal Protection?

[MarkvW]

You persuasively argue that good evidence is available to Childs. We'll see what actually gets introduced into evidence at trial.

It's unlikely that the taxpayers will have to pay for his trial and prosecution. Lots of immunities there (prosecutorial and judicial).

I can't see why his bail hasn't been reduced by now, though. I can't see the danger he presents.

Re:Equal Protection?

[shadowofwind]

I presume you dealt with a bail bonds corporation?

They are a third party to the whole situation, and their product is getting you released from jail if the court allows this, and sets a bail amount.

No. Bail wasn't more than about $1000, and my wife bailed me out with our money. The police kept the 10%. Like I said, it wasn't a large amount.

Re:Equal Protection?

[shadowofwind]

What were you arrested for?

What geographical area?

Theft of building materials, on mistaken accusation from a neighbor, southern Ohio.

They also confiscated the materials from my property and gave them to the alleged victim, who had no use for them and threw them out. That made it harder to demonstrate my innocence when I was picked up a month later. It wasn't really a conspiracy so much as indifference and stupidity.

Re:Equal Protection?

[Duhavid]

Yeah. I agree, the Police keeping the 10% is pretty ridiculous.

Re:Equal Protection?

[Duhavid]

"We're not a perfect society, I don't think we'll ever have perfect rules."

    That is quite true. But it does not justify that we should not *try* for a perfect society and perfect rules. As close as we can come to them.

Re:Equal Protection?

[dbIII]

What can you do in that situation.

Logically I would write it down, hand it to the top level boss and ask that person not to let everybody else in the room know. Under ridiculous pressure like that however I don't think I would be able to act logically and would be too busy wondering about the unexpected police presence to be able to act rationally - disclosing it in front of so many people is pretty well career ending as is not disclosing it. That meeting really does look like a setup, he acted as expected and they were able to have a good reason to remove him. However I think they expected him to cave in and give the passwords later.

Re:Equal Protection?

"In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . ."

-or- maybe because a trial lawyer costs a damn lot of money. I had a case recently for which I was not guilty. I was certain that a jury would not convict me. The judge however found me financially capable of paying for my own lawyer. You know what I found out? It was going to cost me a $20,000 retainer, plus $350 an hour. I pled out to a lesser charge simply because I could not afford it. Most normal people don't have that kind of money sitting around. I have a family to take care of. It came down to going to trial, or not taking proper care of my family.

Re:Equal Protection?

[skiman1979]

I think the point is that if wealthy people get thrown in jail for a few months while waiting for their trial, it's not so hard on them. They still have their millions in their bank accounts that can be used to pay the bills.

If you throw someone in jail who is not wealthy, perhaps just making ends meet, where are they getting the money to pay the bills? Yes, the landlords, insurance companies, etc., still need their money, but where will that money come from if he is in jail unable to earn a living?

It would be different if he was actually found guilty of the crime. If that was the case, he could be locked up, lose his house/appartment, lose his auto insurance, and everything else since he won't need it for a long time...

It doesn't seem right that the court system can punish someone (put them in jail) for months just because they are accused of a crime, without actually finding him guilty. And the taxpayers pay for all of it.

Re:Equal Protection?

[HungryHobo]

Hospitals sometimes have a set limit on how much they'll spend to save a life. If it's private it's whatever the person in question can cough up, if it's public then it's more reliant on what the government will cough up.

I'd probably set a much higher dollar amount for rape or murder than the straightforward impact on the people involved but there's nothing particularly bad about giving violent crimes a dollar value.

Re:Equal Protection?

[HungryHobo]

Just keep it simple, base it on their assets including trust funds and the like and income including gifts, sure a rich daddy or friend who hasn't passed anything on to the person in question might step in but it doesn't have to be perfect, just better than the current system which is deeply flawed.

You might have a certain amount of people who have no assets at all and live on daddies money but how many in that situation don't have trust funds or get anything valuable from their parents.

Doesn't have to be perfect, just better.

Re:Equal Protection?

[gpronger]

The point is, they don't move forward till the point they believe they can win the case (this is not commenting on the quality of evidence, just thought-process).

So, if you find yourself being prosecuted for something more than a speeding ticket, the "State" has put together what is (in their opinion) a sure win.

At that point, you're likely facing a lot of evidence, that you'll then have to disprove hence the perspective that you're proving yourself innocent.

Re:Equal Protection?

[Creepy+Crawler]

The 35% assumes the yearly cut (well, quarterly in big business).

You are not counting regulatory decisions that force base cost higher (indirect tax).
You are not counting the goods that were sold TO the company (tax on incoming goods).
You are not counting tariffs on goods that have them.
You are not counting mandatory checks for compliance.
You are not counting the bookkeeping to determine tax compliance.

From my sources that did work in upper management (mainly secretaries), tax burden was around 50%. Other economists have argued that tax burden is instead a stake of forced ownership from the government. Effectively, that means that the company is paying dividends of upwards of 50% to an owner who did not put stake in the company at birth. Or, this could be a seen as a stock dilution for all shareholders involved. Regardless, the govt gets its cut before anybody else.

Re:Equal Protection?

In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . .

No, it's part of the same flawed system that gives murderers immunity for testifying against other criminals. It's the part that says "If you agree to these charges, and plead guilty, you won't go to prison. You WILL be a felon, and you will have probation, but will not go to prison." OR You can choose to fight it, and if found guilty, serve 20+ years in prison. Not many people are willing to take that risk, even if they are innocent, so they plead guilty.

Re:Equal Protection?

[ultranova]

Fines are a completely different argument. In that case I agree that basing them on income is unfair, but bail is always supposed to be enough to make running for it a less attractive option than facing trial.

Fines need to be based on income. In the hypothethical case above, suppose both the industrialist and the high school dropout are convicted and given a fine of $100,000 dollars. For the industrialist, it's a "small fraction" of his liquid assets - it won't likely affect his life at all. The high school dropout, on the other hand, will be in debt for the rest of his life.

The same fine reslts in completely different level of punishment for people of different wealth. Consequently, to achieve the ideal of same punishment for the same crime, fines need to be adjusted for income, so they'll hurt equally regardless of your wealth. It isn't a matter of punishing success or rewarding failure; it's a matter of punishing criminals equally without letting their success in life interfere.

Re:Equal Protection?

[sideshow]

Paris Hilton was put on trial, convicted and sentenced. Childs hasn't even gone to trial yet (so, he hasn't been considered innocent nor guilty), so your analogy doesn't work.

Although, your real point was "FAMOUS BITCHES DONT GO TO JAIL AMIRITE?" so I guess I just wasted my time explaining this.

Re:Equal Protection?

[Drgnkght]

I think the point is that if wealthy people get thrown in jail for a few months while waiting for their trial, it's not so hard on them. They still have their millions in their bank accounts that can be used to pay the bills.

Maybe the Anonymous Coward did mean that. I still won't agree with the comment that a person in jail has no expenses. If they have the savings/liquid assets to pay any expenses is irrelevant. They will have expenses that will need to be paid.

Re:Equal Protection?

[skiman1979]

Come to think of it, I think I was actually responding about another comment, not Anonymous Coward's comment. I didn't even see the "in jail, no expenses" post. I'm still getting used to the expanding/collapsing threads interface of Slashdot. I don't browse too often. The AC comment was probably hidden when I posted.

Jailed people definitely still have expenses that need to be paid in the 'real world' It's just the wealthy likely have a much easier time paying those expenses.

Re:Equal Protection?

[juan2074]

There are three sides to every story.

We're definitely not hearing the third side.

CQ?

[camperdave]

From The Fancy Article:

He's been in jail for seven months now, but former San Francisco network administrator Terry Childs [cq] says he's going to keep fighting to prove he's innocent of computer crime charges.

What does the CQ stand for?

Re:CQ?

[macxcool]

According to Wikipedia, either:
Central Queensland
Congressional Quarterly
or
A symbol indicating that the spelling is actually correct, believe it or not.

Does that help?

Re:CQ?

[MrNaz]

Does that mean that I can put CQ at the end of all of my posts to cover my bases? That way if I haven't made a mistake, then it's correct, and if I have then people will think the obscure use of CQ indicates that my error is in actuality an obscure exception to whatever rule of spelling I broke.*

* CQ

Re:CQ?

[morgan_greywolf]

Does that help?

Why, yes, yes it does. The Gramer Knotzees [cq] won't be bother me any moore [cq]!

Re:CQ?

[Jeremy+Erwin]

CQ or Cadit Quaestio means "the spelling (or the simple fact) has been checked and double checked", so there's no need to check it again. As it was editorial markup, it should not have appeared in the published version of the story.

If something you mark as CQ later turns out to be wrong (because you haven't bothered to check), well that's egg on your face, isn't it?

Re:CQ?

[Jeremy+Erwin]

Why, yes, yes it does. The Gramer Knotzees [cq] won't be bother me any moore [cq]!

I believe [sic] is more appropriate in this context.

Re:CQ?

[OneSmartFellow]

Didn't you ever listen to Jodie Foster in 'Contact' ?

CQ, this is W9GFO. CQ, this is W9GFO here. Come back

Interview?

[east+coast]

I know I don't RTFA often enough but did the "interview" strike anyone as a bit thin? I'm more use to the format of question and answer and I got ten paragraphs that had a glorious 7 sentences of actual quotes from the subject of the interview. None of which touches on what he did, why he did it and only the faintest hint and why he feels that he's not guilty.

Looking at it I get the feeling that the reason I don't bother with the articles as much anymore is because web journalism is simply too lite in all the wrong places.

Re:Interview?

[riegel]

It sounds like the problem isn't that web journalism is lite but that there really isn't a lot of new information.

Re:Interview?

[zzottt]

he couldnt record it nor talk about the trial... not much you can do with 30 minutes

Re:Interview?

Looking at it I get the feeling that the reason I don't bother with the articles as much anymore is because web journalism is simply too lite in all the wrong places.

Yeah, you're right! Look what Slashdot turned into...

Re:Interview?

[east+coast]

And that's fine in and of itself but at the same time why present it as newsworthy? While I'm sure there are many here who are concerned at the outcome of all of this it doesn't seem right to just hash the same old stuff just to pump out an article. I'm speaking more to the tone of respectable journalism than anything Childs is facing overall.

I suppose it's a tad better than the latest top 10 TechRepublic article but there is a good reason that stuff never gets too much coverage here.

Re:Interview?

[DavidTC]

Can someone even explain what he's charged with and what his specific actions were?

Refusing to do your job and inform management of passwords is not illegal. (It's pretty strange behavior, but not illegal.)

The only thing I can glean from reading both links is 'three modems', one of this was a DSL one he didn't set up for testing and whatnot, one of them was to operate his pager, and one of them was to link the city's network in emergencies. None of them even vaguely look like backdoors, but, more important, none of them were used as backdoors to a system he had access to anyway. (You don't install secret backdoors in cabinets in your office.)

I know Childs can't talk because his lawyers says not to, but there's a fucking document called a 'arrest report' that actually lays out charges against him and the specific actions he took that were in violation of the law. What are they?

Googling throws a lot of nonsense around, including the fact they've charged him with supposedly planning to use a planned power outage to do something bad, when said power outage wouldn't have affected those system. (And what 'something bad' is very vague.)

And, also, when the police search his house, they found weapons ammo. This is presumably relevant somehow.

Re:Interview?

[Beyond_GoodandEvil]

And, also, when the police search his house, they found weapons ammo. This is presumably relevant somehow.
Of course it is, weapons ammo in a house in San Fran is like having an autographed copy of Mein Kampf in Jerusalem. He's evil don't you know?

Re:Interview?

[pyrr]

And, also, when the police search his house, they found weapons ammo. This is presumably relevant somehow.

That only had to do with the fact that he was a convicted felon and therefore can't legally own firearms. It sounds like the prosecution is trying to build the legally tenuous case on the principle of "where there's smoke, there's fire"; surely nobody just has ammo laying around, so Childs must've hidden guns somewhere that the cops didn't find and he should be prosecuted on the assumption that they indeed exist. So they might as well just hang him now, clearly everything related to doing his job is more proverbial smoke, and the prosecution will roll out the mirrors, and his guilt will be plain as day!

The idiocity displayed by the investigators is stunning.

Re:Interview?

[R2.0]

I don't know...60 minutes can nearly destroy corporations.

http://en.wikipedia.org/wiki/60_Minutes#Unintended_acceleration

Re:Interview?

[tsstahl]

And, also, when the police search his house, they found weapons ammo. This is presumably relevant somehow.

Because you need to paint him as an unsympathetic louse before you railroad him?

Re:Interview?

[DavidTC]

He's not a convinced felon. They talk about 'burglary' charges, but it appears all he was convicted of was a misdemeanor, and can legally own firearms all he wants.

Re:Linux

You have really weird fantasies. Have you ever thought about going to a psychiatrist instead of posting to slashdot?

Re:Linux

Staying with Mac then?

legit modems?

[socsoc]

This article gives better reasons for those modems being on the network than previous stories. Doesn't seem so rogue now, does it?

Re:legit modems?

[drinkypoo]

This article gives better reasons for those modems being on the network than previous stories. Doesn't seem so rogue now, does it?

Did it ever seem rogue to people with actual technical experience?

What it seemed to me was stupid. If people above you in the chain of command want to break the network and destroy your security, you have to let them. The only recourse you really have is to demand such things in writing and run them all through your boss. The worst they can do in such a situation is fire you. But your job is to do as you are told, and if they tell you to fuck it all up, then you can either quit or capitulate.

It seems to me like Childs was trying to obey the letter of his job description, without fully considering the ramifications. Certainly he wasn't trying to take over the network - however dumb he might be, I certainly don't believe he's crazy enough to forget about cops and prisons. He surely didn't think that they would be wielded against him for these particular actions, but that was just dumb. Now the city is trying to do everything they can to justify their actions, so they're trotting out bullshit arguments against him (like allegedly holding information he shouldn't, or installing back doors - which frankly are not a bad idea if they are secure back doors. someone 0wns your network, it's nice to be able to get in!)

Odds are, most of us will never know the truth. The only one who knows the full truth of Childs' intentions is himself, and most people aren't all that in-touch with themselves anyway. However, he's had a lot of time to sit and think about it.

Re:legit modems?

[morgan_greywolf]

This article gives better reasons for those modems being on the network than previous stories. Doesn't seem so rogue now, does it?

It only seems rogue when they make ludicrous statements like he put "1,100 modems" on the network.

Anybody with half a brain can think about that statement as say 1) There's no way someone had that many modems and phone lines because would be wayyy too expensive and 2) if you were putting secret modems on the network to 'wreak havoc' (whatever that means), you certainly wouldn't need anything close to 100 of them, let alone 1,100 of them.

If I were confronted with a room full of people not my boss and asked to reveal admin passwords, I wouldn't even try to give them the wrong ones, I would be like "if you need those, you need to ask my boss, not me because I am not authorized to give them to you."

Re:legit modems?

[_Sprocket_]

It should also be noted that Childs handed over passwords to the Mayor while in jail.

Re:legit modems?

[R2.0]

The worst they can do in such a situation is fire you. But your job is to do as you are told, and if they tell you to fuck it all up, then you can either quit or capitulate.

And I believe you've identified the crux of the problem.. Childs was asked to give root access to someone he judged unqualified. Childs refused. Then he was ordered to do so, he refused again, and he was fired. then they said "Give us your password" and Childs said "No - I don't work for you anymore". Then he was arrested.

The SF city government showed their ignorance of how complex computer systems work in 2 ways: first, demanding that a privileged person be given root access to the whole system as if it was a laptop; and second, by only having 1 guy with "the keys to the kingdom". That isn't Childs' fault - I'm sure he would have been more than happy to share the admin load with another employee who was competent enough to do it. But the city government viewed him like a customer call center employee - knowledgeable about computers, but basically replaceable. I'm sure that the guy who fired Childs thought that someone could "hack" the password like it was a Word document.

This was a colossal failure of business management, but because it is a government, they have the police to cover up their mistakes.

Wait a second?

[tjstork]

You know I was arguing all about either torture the guy and let him walk to get the passwords, thinking that 10 minutes of waterboarding is less damaging than 7 years in prison.

Now, his side says that he's getting tossed into jail for sneaking a few modems onto his desk and not giving out the passwords to the modems he set up? come on now, that's not the story we heard coming from s.f. before and I have to wonder just what passwords s.f. was asking for.

I don't know that I would hire the guy, but, somehow, when all the banks in the fine city of san francisco are sitting there having blown through trillions of dollars, I think maybe s.f. pd needs to be putting some other people in prison besides this guy.

Re:Wait a second?

[drinkypoo]

There is DEFINITELY something else more nefarious going on here, but it's impossible to say what. So far SF has completely mismanaged the case, continually getting technical details wrong and putting a ton of irrelevant yet sensitive information (the VPN access information) into the complaint. Unless they can come up with some better evidence their case looks like complete bullshit. That won't necessarily prevent him being found guilty, though.

Re:Wait a second?

[TheRaven64]

and putting a ton of irrelevant yet sensitive information (the VPN access information) into the complaint

Which doesn't do a lot to counter his argument for not divulging the passwords; that giving them to someone that incompetent would be criminally negligent.

Re:Wait a second?

[tjstork]

I just wonder what sort of a society we have where a disgruntled work hides a few passwords to stuff he evidentally brought in, for a few hours at most, but at the same time a bunch of dudes mismanaged their banks to the detriment of the entire world economy, in cooperation by senior members of both political parties, and that's just a mistake.

Re:Wait a second?

[_Sprocket_]

There is DEFINITELY something else more nefarious going on here, but it's impossible to say what.

I'd say it's easy to make a guess; bureaucracy and government with a side of IT / Infosec. I've seen it elsewhere. A government bureaucrat lacking an understanding of a very technical situation and associated mindset interprets things in the most outlandishly malevolent way. They then reach for the one big stick they're intimately familiar with - the law.

Re:Wait a second?

[dbIII]

thinking that 10 minutes of waterboarding

That's only useful if you want to tell him what he should say the passwords are or if you want a confession for a Third World show trial. I used to think it was the USA that won the cold war but it's picked up a bit of the old USSR instead. There never has been a real world situation like in "24", it's entertainment, and torture is just a tool of terror and not a way to get anything coherent.

Re:Wait a second?

[tjstork]

That's only useful if you want to tell him what he should say the passwords are

The thing is, in that specific case, it would work, because you can verify the truth of the password immediately. The benefit is that the guy gets to walk right afterwards, on the theory that, no real harm, no real foul. I mean, if the guy grabs the passwords, you waterboard him, he gives them up... what disruption to the business was there? There wasn't really a crime and you could obviously make the argument that waterboarding was punishment enough. This is vastly different from torturing someone for operational war plans, which cannot be verifies, and you are right, people in that situation will make up anything to evade torture.

Re:Wait a second?

[dbIII]

You are unfortunately showing how moral decay has tainted almost an entire nation with evil.

Ordinary citizens advocating torture in a situation of a simple workplace disagreement shows how bad things have become. The argument is moot since he disclosed the passwords to the Mayor some time ago anyway.

The world is not a comic book and even though no body parts are actually removed waterboarding is still torture by any english language definition proir to 2000 (we've had the revisionist crap where people are saying at least it isn't cutting peoples fingers off - that's just misdirection from the point). Plus what happens if the recalcitrant employee dies during waterboarding (people have died from it - heart attacks, drowning etc)? You have no passwords then and you have a body that you have to make dissapear somewhere. It's a slippery slope to third world dictatorship once you throw the rule of law out the window.

My final comment is the KGB did not see torture as a means of gaining information and they did a lot of it (as a tool of terror to keep people in line). Why should it suddenly work that way now? How rational do you think people are going to be while they are drowning, or having various bits electricuted or cut off, or the bizzare and nasty one that's coming out, getting sodomised by dogs.

Re:Wait a second?

[Tuoqui]

The only thing that we as geeks can do is to make sure we completely understand the basics of the law (at least more than your boss). Remember unless your boss is a lawyer then you probably can learn more than him or her.

The most amazing part of this whole story is...

[yttrstein]

That there's a network admin somewhere that has giant ethical nuts. As anyone with even a day's worth of network admin/engineering experience knows, the loyalty of all network admins can be purchased with A. a fat paycheck or B. a threat of any kind from someone with authority.

Can you imagine even half of the network admins in the united states changing the passwords on their routers and shutting them down until Childs is released?

Yeah, I can't either.

Re:The most amazing part of this whole story is...

[zappepcs]

I thought that too. Huge testicular fortitude by Childs. I think the interviewer noticed something when he mentioned that at the end Childs stopped and said "it's a different world in here" in reference to prison. That is perhaps the point of the blog entry, to show that Childs really isn't a whacko control fr34k with an attitude problem. I'm not saying network admins are that way, just that he was sort of painted that way in the original news headlines. I hope that he gets exonerated. Everyday I have to deal with people that have no clue how computers work, let alone databases or networks.

I also have hopes that Childs being exonerated would reinforce the value of IT staff in general. That is to say that hey, you hired people who know what they are doing. Let them do it and don't mess them around.

Car analogy: Don't micromanage your NASCAR driver or even the engineering staff who build the car.

I guess what I mean is I hope the PHBs get it rough with no reach around on this one.

Re:The most amazing part of this whole story is...

[Zontar_Thing_From_Ve]

Can you imagine even half of the network admins in the united states changing the passwords on their routers and shutting them down until Childs is released? Yeah, I can't either.

I can't either, but probably for different reasons than you.
1. Such actions could cost employers to lose money and might subject those responsible to criminal charges (quite possibly felony charges) similar to Terry Childs.
2. Your suggestion fails to take into account that the legal system (judges, lawyers and police) is mostly comprised of people with extremely limited technical knowledge. Do you really want such people deciding whether you might have a point to this protest? I'm thinking "no". Also, the legal system might be seriously unimpressed with such stunts and look to make examples of everyone who engages in this kind of protest simply to keep it from happening again in the future. Remember, back in the 1980s that President Reagan told the air traffic controllers if they went on strike (which was illegal) that he would fire them all. They went on strike and he did fire them. Nobody in the federal government has been on strike since then.
I read the articles linked to in the main post and I'm still unconvinced that Childs is a "victim". At best he's an idiot for not realizing that the passwords were not his to protect, they were his employer's. At worst he deliberately tried to sabotage the network and is now trying to weasel out of jail time and fines.
Keep in mind that Childs himself now says it wasn't worth it. It doesn't take a rocket scientist to figure out that when your employers says "Give me the passwords" that you do that. It's not his job as a network admin to worry about what will happen to those passwords.

Re:The most amazing part of this whole story is...

[SirGarlon]

That there's a network admin somewhere that has giant ethical nuts.

Only if 100% of what Childs says is true. I'm not so sure I'm ready to believe him -- the circumstances of his confrontation with management suggests there may be layers to this story that aren't making it into the media.

Re:The most amazing part of this whole story is...

[yttrstein]

As an employer, I'll let you in on something:

The reason that punishment has been laid so strongly and swiftly down on Childs is directly because of the power of the position he held. He's being made an example in order to make sure that no other network admins get any bright ideas about exposing their feelings of real ownership and territory that every good network engineer has about their responsibilities (and equipment for that matter).

As an employer, I hope the steps being taken against this man, no matter what his motivations were, are entirely unsuccessful. The world needs fearless and ballsy geeks a lot more than it needs spineless jellyfish who happily do whatever they're told *despite the ethics of it*. There's something deeply disturbing about so many giant brains have willfully given up control of (and responsibility for) their own actions and are all too ready to claim they were "just doing my job".

Pardon my revulsion, but there are those of us who remember where that sort of outlook takes the species.

Re:The most amazing part of this whole story is...

[Sam+Lowry]

That's a good plan for a nation-wide strike.

Re:The most amazing part of this whole story is...

[DigitalSorceress]

snip... It's not his job as a network admin to worry about what will happen to those passwords.

I have to disagree there... if your management has no concept of the importance of keeping root level passwords in as few hands as possible, then they're probably not savvy enough to know the difference if one of the many folks with such access causes a problem / breaks something.

What I'm getting at is that if the management insists on letting that many chefs in the kitchen, then I betchya they will be totally surprised to find that the soup is ruined and will come down hard on the head chef for it.

When Childs said he should have gotten out, I think he meant that he should have left the job, not that he should have given them the passwords.

As a former network admin, it WAS my job to worry about the passwords. However, at that place, the CIO (my direct boss) was very technologically competent, and in fact, he filled in for me when I was sick :). That was a small company though where the other IT folks were DBA, and a bunch of developers, so the CIO and I were the only ones who touched the routers/firewalls and most of the servers. However, our DBA had root level access to those systems he needed to touch and in a pinch, I would have given him PWs for anything he needed. The difference: I would have changed those afterward. Not cuz I didn't trust him, but because "need to know" doesn't mean that once you needed to know, you always do.

At my current job, I'm a software engineer (really, the software Janitor... I clean up after others) so I personally have a lot of access, but it's not my place to give PWs to anyone else... that's our network / infrastructure folks. All depends on what you do and who you work with.

Re:The most amazing part of this whole story is...

[DavidTC]

That's just idiotic, and possibly criminal. (Unlike what Childs did.)

Not to mention it's totally unethical behavior as a network admin. We can argue if it's sometimes ethical to take down a network, like if it's used for spamming or something, but it's certainly unethical to do it as a protest of an unrelated court case.

The correct thing for net admin to do is to explain their job responsibilities in regard to this case. Many people have no idea what network administrators actually do besides run wires to hook computers together. So stuff like 'network sniffer' sounds a lot worse than it actually is. If people knew there were commercial products you could purchase to 'make sure harmful things weren't passing over the network' called 'network sniffers', and that responsible net admin purchased them and set them up and informed them of what sort of data they should be seeing on the network, and alter them when something else shows up, people would understand that and it wouldn't sound so bad.

They'd probably have the wrong mental image of how and at what layer this was working, but that's not important, anymore than it's important that I know how a mechanic replaces a fuel injector...the mere knowledge that he does replace parts changes what assume is happening if I were to hear about a 'bad' car mechanic who has 'removed the fuel injector from a car in his workshop'. I, and most people, would be very confused as to how this was unethical behavior, as we'd presume he was either replacing or testing it, and not that he was somehow inexplicably planning on stealing it.

Re:The most amazing part of this whole story is...

[DeadManCoding]

Are you hiring? Because you definitely wouldn't be the first boss that I got into a spat with, and if you can actually respect my ability to do a job, that's a serious thumbs up from me.

Re:The most amazing part of this whole story is...

[sthiffea]

Mod Parent up. This is the golden rule. I love my network and don't want management to break it like every other sysadmin, but I always eventually do what the guy signing my fat paycheck says. But then I'm a consultant, so I'm a paid bitch...

Re:The most amazing part of this whole story is...

Thank you.

Re:The most amazing part of this whole story is...

[AK+Marc]

Only if 100% of what Childs says is true.

If 90% of what the city says is true and 10% of what Childs says is true, then he still has better ethics than anyone persuing him (and isn't guilty of any crime). The city have been proven to be lying. They tossed around things like "hostage" and "ransom" and such. They have, of course, stepped back from those words ("stepping back" being a euphamism for admitting they were lying). So far, the facts have supported everything Childs has said, whether or not in conflict with the City, and the City as said more than one thing that has been shown to be untrue. So I would say that not only is your "only if 100%" statement is wrong, he only needs to be about 10% right to be in the right, but that so far the city is the only one that has made verifiably false statements.

And no, I'm not one to hop on the "defend the techies" bandwaggon. I was definately on the "he's guilty, you idiots" campaign for a particular techie and a missing/dead wife. It seemed obvious to me then (it's always the husband, and there was massive evidence pointing to him and almost nothing pointed anywhere else), and it seem obvious now (he was a belligerant employee that had the "my way (because it's right) or you can fire me" attitude, and the city, for absurd reasons, decided to prosecute someone for being ethical.

Press Interviews while incarcerated

Not going to comment on Child's innocence or guilt, but I have to wonder whether his lawyer is giving him good advice. I mean, giving an interview to the press which you discuss some case specifics doesn't seem like a very wise thing to do. Even though TFA was just a summary of the interview and did not contain a transcript of it, I'm guessing that the San Francisco prosecutor could subpoena the reporter to turn over a transcript, or recordings and any notes the reporter took to use against Childs.

Giving an interview to the press really screwed over UK hacker Gary McKinnon, who's currently fighting an extradition order to be brought to the US to face charges breaking in to Pentagon computers. His interview by the BBC shortly after he was arrested basically was a full confession of everything he had done and left no wiggle room to create a case for reasonable doubt. The US prosecutor could base his case just on the BBC article alone and probably get a conviction. Of, McKinnon gave the interview before the US filed charges, I think, so he may have thought he was in the clear when the British authorities didn't file their own charges.

Anyway, it just not a smart idea to give interviews to the press while facing criminal charges, and I'm surprised his lawyer let him do it.

In the land of the free

[Dunbal]

he's going to keep fighting to prove he's innocent of computer crime charges.

      Well, good luck with that...

Re:In the land of the free

[Tuoqui]

Actually you realize there is the option of 'guilty with justification'. I'm not sure the exact term in the US but Self Defense is one.

It's the same as someone speeding because theres a (pregnant woman having a kid/someone bleeding to death) in the back seat. As long as you dont run over an 80 year old woman while getting the person to the hospital.

Basically as long as you can prove that your actions prevented a greater crime and/or were in the public interest then you can be declared not guilty.

Mmmmm... No.

[Concern]

I hate to say it, but these stories only reinforce for me that Childs is likely guilty.

It seems even clearer that he really did keep passwords to himself, and when asked, refused to hand them over to his management.

Management can ask for them (how can they ever replace a network admin, otherwise?) and they can ask you to hand them over to anyone they say. As Schneier says, they belong to your employer, not you.

These articles imply that it's not "good practice" to give passwords out. If that's really his defense, it's specious and deceptive. If your boss demands a password, you have to give it, by law. If he demands you give it to another person, or 20 other people, you have to give it, by law.

If they do something stupid with it, then maybe _they_ end up in jail. If you want, you can even try catching them at it, being a whistle-blower, help them along with that process. But that's _not_ your problem, as an admin.

I just get the sense of a tense guy who had a personality conflict with his boss (who may have been an ass, or not), and who let his emotions carry him over into criminal conduct. At the most, there are some mistakes in ancillary parts of the charges against him (re. modems), which is unimportant to the main issue.

Re:Mmmmm... No.

[Unnngh!]

To offer a slightly different perspective: If he felt that management was going to misuse the passwords to compromise the security of the network, he was best off sticking to his guns, as it would have come back on him, not management, if the security was compromised. Corruption at the top levels is not unheard-of. It just doesn't sound like that's what happened. In situations like this, people typically work out some compromise, like bringing in outside contractors with limited permissions or with a separate admin account for a limited time, etc.

Based on what we have seen, as you said, he was most likely engaged in a power struggle with management, and he handled it poorly when management could have just come in and said "you're fired, give us the passwords and leave."

Re:Mmmmm... No.

[sproot]

If your boss demands a password, you have to give it, by law. If he demands you give it to another person, or 20 other people, you have to give it, by law.

[citation required]

Re:Mmmmm... No.

[DavidTC]

Well, congratulations on making up laws, but, no, there's no law requiring you tell people passwords, even to their own systems. At all. Barring some sort of court order requiring that, which does not exist in this case.

And that's not what he's charged with. He's charged with, essentially, doing his job, with lots of evidence of doing his job introduced as evidence.

Like keeping detailed diagrams of the network at his house....the network he built by hand.

Or installing network sniffers...commericial network sniffers that monitor the network for viruses and hack attempts, like he was supposed to as part of his job.

Or having a modem installed...that paged him in case of network problems.

Or configuring routers to not let people do a 'password reset'...in unsecured locations, like thousands of network admin do to routers they can't lock up to keep people from screwing with them.

Or confronting someone who claims they're doing an 'audit' of his systems and, as he claims, walking out with a hard drive. (They were doing an audit, but he didn't know that.)

They have decided all this means he was planning to bring the network down for some unspecified reason. Of course he could bring the network, any network admin knows enough to bring the network down. If they don't, they don't know enough to do their job keeping it up.

Re:Mmmmm... No.

It's a tricky scenario though.

What if your employer orders you to do something illegal. Do you have to do it, just because your employer says you do?

What if he had been told to publish the passwords on the Internet?

Or even been told to publish the personal data that is stored in his computer systems on the Internet?

If you admin a server with confidential data belonging to members of the public, which only a small group of people have passwords to, and your boss orders you to publish that password, compromising the security of that information, should you automatically follow the order?

If you work in the health and human services datacenter, and your boss orders you to put the whole database, unencrypted, on a CD and mail it to them, would you? What if they ordered you to e-mail them the system passwords in plaintext?
What if they ordered you to tell the passwords to a room of people who you didn't trust to keep them secret?

There is a line of negligence over which you can't go, even if your boss tells you to.

I'm not saying that this case is on the far side of that line - we don't have the details - but perhaps the admin felt it was.
Perhaps he felt it would be negligent to share those passwords, and would hurt (for example) taxpayers whose data was stored.

I think the prosecution should have to prove that he refused to share the passwords out of some malicious intention, as opposed to because he thought sharing them would be negligent.

It is not as simple as schneir makes out.

Re:Mmmmm... No.

If your boss demands a password, you have to give it, by law.

How about if your boss wipes his fingerprints off a freshly fired gun and tells you to handle it? Are you obligated, "by law" to do that too, damn the ramifications of what it may mean?

What specific part of his contract are you referring to where you say he has to do it "by law"? You do have a copy of his civil employment contract, right? Or are you just an ass making shit up? Oh, the latter, that's right.

Re:Mmmmm... No.

[mjeffers]

I completely agree.

This whole situation reminds me of the Seinfeld episode where Jerry's mechanic held his car hostage because he didn't feel Jerry did a good enough job taking care of it.

As much as it may pain network admins to hear it, you don't own your network. You are paid to build and maintain it but your relationship to it is like the mechanic and not like the car owner. If the people who pay you and who paid for the network ask for the keys, give it to them. If you don't, from their point of view you are now holding their property hostage.

Re:Mmmmm... No.

[DavidTC]

he handled it poorly when management could have just come in and said "you're fired, give us the passwords and leave."

He was probably expecting that to happen.

Instead they arrested him.

Rule #1: Be wary of pissing off the people who control the police.

Re:Mmmmm... No.

[EvilBudMan]

--If he demands you give it to another person, or 20 other people, you have to give it, by law.--

I would let the boss do that part after giving the boss the passwords that I had. That might get me fired but not locked up like failing to give them to a boss. They sign the check not those 20 other people and to have it in writing is a good idea as well.

Here, there is a third party that keeps the passwords if anything happens to me, because I have given the boss passwords before and they loose them. Nobody absolutely has all of the cookies in the jar in any case. It just keeps the screw ups down. The less someone can mess with the less they can tear up.

Re:Mmmmm... No.

The root passwords are the property of your company. Encrypted data should be encrypted with a company key as well as a personal key. But your own encryption key and your own password are your property - so long as the company has a way of accessing everything you have done or can access without knowing them. That's the best practice.

Re:Mmmmm... No.

If your boss demands a password, you have to give it, by law. If he demands you give it to another person, or 20 other people, you have to give it, by law.

Not that I don't believe you, but could you provide a reference that "law"?

Re:Mmmmm... No.

[Oqnet]

What if it is your job not to hand over those kinds of documents to anyone besides maybe your successor? The interview said he was sitting in a room with a bunch of people and there were others on the other end of a speaker phone who were ready to test the passwords. On a very secure system like he had setup it could be bad if he spouted off the right passwords. He doesn't know who's listening and he doesn't know who will use them. At my current job their are two main guys in the downtown office, how they setup the root passwords on the main server is they each type in their part neither of them know the whole root password. Their parts are written on a piece of paper and stored separately in a secure place(I think in a safe). The CEO the manager no one is to have the root passwords, they are god mode and can be exploited, if they are the tech is legally liable(at least here) if they are used and the proper precautions weren't documented and policies weren't set in place. So yeah they own the systems and I guess they own that information that's on the systems so what's the guy to do? Risk getting in trouble for handing out the root passwords to X number of people, or keep them and say that he won't give them out to a random crowd of IT, HR and Managers? Personally I would say lets sit down write up some documents saying I'm giving them to you and I'm not responsible for what happens after. I might also say if this is whats going to happen the signing of that document will be followed by my resignation. I would also request that the root password only be viewed by my successor but what ever. He really didn't handle it correctly, he was stupid to think that they wouldn't take action. This seems a little excessive, like others have said they are just saving face.

Re:Mmmmm... No.

[Quothz]

These articles imply that it's not "good practice" to give passwords out. If that's really his defense, it's specious and deceptive. If your boss demands a password, you have to give it, by law.

What law? In this case, the State's trying t'use "disrupting computer services", which is a California-specific law. From a look at the text, it looks like you only must give the password to your boss if he or she is "authorized" to have it. I'm assuming the charges are based on:

(5) Knowingly and without permission ... causes the denial of computer services to an authorized user of a computer, computer system, or computer network.

The question is whether his bosses were "authorized". If they -aren't-, it's criminal to give them the passwords, under the same section. Tricky. This is a government network in question, so the matter of authorization may not be clear. I have trouble with the scenario in which the police CIO, a military information defense worker, a couple of engineers, and especially a human resources rep would have authorization for administrative control of the city's network without a city policy-level decision being made at the mayoral or legislative level.

Even in a business environment, the question of authorization can be sticky, and again is best-handled by a top-level policy decision.

Other states have different laws; check your local listings. There's no universal law I'm aware of that says your boss has the right to any passwords. Quite the opposite, in California; if you give it up to your boss on demand when he shouldn't have it, and hijinks ensue, you could theoretically be prosecuted. I've trouble picturing that actually happening, but it clearly is not the case that you have to hand it over on request.

As a layman, it looks to me as though Childs was correct in refusing to give out the passwords (although I'm not familiar with any relevant city policies granting authorization, again I'm pretty darned sure the HR guy isn't supposed to have 'em). Giving out incorrect passwords was a bad move, but easily attributed to the pressure of the surprise party.

Re:Mmmmm... No.

[franl]

If your boss demands a password, you have to give it, by law. If he demands you give it to another person, or 20 other people, you have to give it, by law.

What insane country do you live in where not obeying what your boss is a crime? In the US private sector, employees enter a contract with their employers. Not doing what your boss says is probably a violation of that contract (which will likely get you fired), but it won't get you prosecuted for a crime.

I qualified the above with "in the US private sector", because this doesn't apply to certain public sector jobs (i.e., elected/appointed officials), public safety jobs, and, of course, the military.

Re:Mmmmm... No.

[Todd+Knarr]

To offer a slightly different perspective: If he felt that management was going to misuse the passwords to compromise the security of the network, he was best off sticking to his guns, as it would have come back on him, not management, if the security was compromised. Corruption at the top levels is not unheard-of. It just doesn't sound like that's what happened.

And I'd note further that, when he did give the passwords to city authorities, they followed up by putting a list of account names and their passwords in a public court document for all the world to see. His grounds for refusing to give them the passwords was, IIRC, that they couldn't be trusted to keep those passwords secure, and their first action was to demonstrate that his opinion was in fact entirely correct. One fact that the city keeps omitting is that, although it's technically their network, they were holding him responsible for any failures in it. It's not reasonable to hold someone responsible while simultaneously demanding that they not do what's neccesary to meet those responsibilities.

Re:Mmmmm... No.

[mrchaotica]

If they do something stupid with it, then maybe _they_ end up in jail.

No, if they do something stupid with it, then maybe you end up in jail, because it was still your "responsibility" even though they made it impossible for you to uphold that responsibility. In other words, if you hand out your passwords you become a ready-made scapegoat.

Basically, it's a no-win situation. It's essentially equivalent to getting fired, except they screw you out of the rights you would have had if you were fired explicitly.

Re:Mmmmm... No.

[GameMaster]

If they chose to only have one person in their organization that knew the password, that was their own, stupid, mistake. Even if he were still employed by them, the only thing they can punish him with is termination for not giving it up. I suppose that they could sue him in civil court for damages caused by him withholding it (under the premise that it represent malpractice on the part of a network engineer) but even that I'm not sure of. The problem is, they aren't suing him in civil court, they brought charges in criminal court. He may not have been very professional about the whole thing, but that doesn't make it criminal.

Here's an example I used in another post:

Lets say I hire a driver to drive me around in my car. I give him my car key and tell him to go to Home Depot and make a copy using his own money. He returns my original key and then drives me around for a while until something happens and I fire him. There is no law that says he has to give me back that copy of my car key just because he no longer works for me regardless of whether, or not, I happened to loose my original. As long as he never attempts to use the key in my car after he's been fired, he hasn't committed a crime.

Re:Mmmmm... No.

[element-o.p.]

The problem with pp's point of view is that it's not always that cut-and-dried. Yes, the equipment belongs to your employer, and I agree that this is something that the network (or server or database or...) admin needs to weigh in the balance.

However, consider this: suppose the admin has reason to believe that handing over the passwords will compromise the privacy of cusotmers/users of the network, server, or other system? For example, if I was an admin at a bank, and I had reason to believe that handing over passwords to an undisclosed number of people had an unacceptably high probability of leading to disclosure of the financial details of the banks customers, wouldn't I have an ethical obligation to refuse? Suppose I was an admin for a hospital or health insurance agency and I thought handing over the passwords could reasonably be expected to mean that patients' health information could be leaked? Would I not be morally, ethically and (at least potentially) legally liable for giving the passwords away in a case like this?

Childs may not have handled the situation in the best possible way, but it looks to me like he had reasonable concerns about what he was asked to do, and that he was justified in refusing to hand out the passwords when asked.

Re:Mmmmm... No.

[Concern]

Here is how it works:

If your boss wants to do something stupid, put your objection in writing, get his or her insistence in writing, and then you are free and clear. No one can hold you responsible for what happens. If you're terminated wrongly or even just discriminated against as a result of your boss's documented incompetence, you can sue, and with this kind of evidence, you will win.

It's not that complicated a system and it works, if not perfectly, at least reasonably well.

If you think you can keep your employer's property because "you know better what to do with it than them," you will wind up in the cell next to this guy. Please ask a lawyer if you don't believe me.

Re:Mmmmm... No.

[Concern]

There is indeed a legal basis for this, used every day in the workplace, called "Work for Hire." There are other arguments as well, but this is the most obvious one. Configurations, including security configurations, including passwords, are all the property of your employer.

Please don't give people bogus legal advice without even admitting you are not a lawyer.

And I say again, how do you ever replace your network admin if they need not give up your passwords?

As for the rest of the charges, I've already said, "At the most, there are some mistakes in ancillary parts of the charges against him (re. modems), which is unimportant to the main issue." So on this we agree.

Re:Mmmmm... No.

[Concern]

Not tricky at all (I hope).

If they ask you to do something illegal, document it as best you can and quit. Call the authorities.

If asked to publish the passwords, he should contact the authorities and the media. He can quit at any time - he need only write down the passwords on paper, hand them to his boss, and then walk out. If you don't want to quit, and you're asked to do anything dumb, object in writing, get the instructions in writing, and then do as you're told. You're free and clear.

The remainder of your examples are redundant - they all fall under this principle.

There is a line of negligence over which you can't go, even if your boss tells you to.

Certainly. You need not take any affirmative action you don't want to (some slight exceptions here, i.e. drafted into the military). You can quit any time. When you leave, you only need to give to your employers all materials of theirs that you have. This is anything you created as works for hire, including passwords.

If you don't do that, you are breaking the law, and you go to jail, just like this guy.

I'm not saying that this case is on the far side of that line - we don't have the details - but perhaps the admin felt it was.

Doesn't matter what you feel. The rules are simple. Follow them, and the bad guys get in trouble. You can even help. Break them, and you go to jail.

Perhaps he felt it would be negligent to share those passwords, and would hurt (for example) taxpayers whose data was stored.

Great story for the press, once you're at your next job. Happens all the time.

I think the prosecution should have to prove that he refused to share the passwords out of some malicious intention, as opposed to because he thought sharing them would be negligent.

No. Wrong.

It is not as simple as schneir makes out.

Yes, it is. Ask a lawyer if you don't believe me.

Re:Mmmmm... No.

[Concern]

Nope. Just quit. Only thing is don't try to steal anything on the way out the door. Including intellectual property such as passwords, which are your employer's under Work for Hire rules.

Summary of the law: http://en.wikipedia.org/wiki/Work_for_hire

Re:Mmmmm... No.

[Concern]

Sure.

But don't take my word on it. Ask a lawyer.

Or just ask yourself how you ever replace your system or network administrator, if you're not entitled to your own passwords?

Re:Mmmmm... No.

[Concern]

What if it is your job not to hand over those kinds of documents to anyone besides maybe your successor?

Not up to you. Quit if you like. Pass the written passwords (and any other of the company's property) across the table and walk out. If you want to keep your job, object in writing, get the demand in writing, and then you're free and clear. Feel free to become a whistleblower to your board/owner/press/police/etc. In fact, I encourage it.

Re:Mmmmm... No.

[Concern]

What law? In this case, the State's trying t'use "disrupting computer services", which is a California-specific law. From a look at the text, it looks like you only must give the password to your boss if he or she is "authorized" to have it. I'm assuming the charges are based on:

This one, among others probably. Your work passwords are the intellectual property of your employer.

Don't take my word for it. Ask an attorney.

(5) Knowingly and without permission ... causes the denial of computer services to an
  authorized user of a computer, computer system, or computer network.

I also admit, this isn't the best written set of charges out there. Just that it's correct on the essential point. He had lots of legal options and chose to use none of them. He stole his employer's property, he went to jail.

The question is whether his bosses were "authorized".

No. Not your job to decide what's authorized. Your manager decides what's authorized. He/she gives you an order, you follow it or quit, your choice. Just don't steal anything on the way out.

As a layman, it looks to me as though Childs was correct in refusing to give out the passwords (although I'm not familiar with any relevant city policies granting authorization, again I'm pretty darned sure the HR guy isn't supposed to have 'em).

Thank you for at least admitting you are a layman.

Giving out incorrect passwords was a bad move, but easily attributed to the pressure of the surprise party.

Nope. It's pretty much making him look guilty.

Re:Mmmmm... No.

[Concern]

If your boss demands a password, you have to give it, by law. If he demands you give it to another person, or 20 other people, you have to give it, by law.

What insane country do you live in where not obeying what your boss is a crime? In the US private sector, employees enter a contract with their employers. Not doing what your boss says is probably a violation of that contract (which will likely get you fired), but it won't get you prosecuted for a crime.

I qualified the above with "in the US private sector", because this doesn't apply to certain public sector jobs (i.e., elected/appointed officials), public safety jobs, and, of course, the military.

Not true at all. It's not a crime to disobey. You can always quit. You just can't steal any company property on the way out. Passwords are company (intellectual) property.

Re:Mmmmm... No.

[The_Other_Kelly]

Yes management can ask him for his passwords.
And he can refuse, at the cost of his employment, which he did.
And they are right then to fire him, as they did.

But then they asked him again ... without contract.
And this time he had NO moral or legal obligation to respond.

So they had him arrested.

And held incognito (he was *so* dangerous).

And NINE MONTHS LATER he is STILL in prison.

On what charge?

*Potential* damage.

As I said the first time:
http://slashdot.org/comments.pl?sid=623377&cid=24312689

Unless there are some new facts, I for one as an ex ISP SysAdmin,
would like to salute Mr Childs.

Re:Mmmmm... No.

[Concern]

Whoa. Very, very wrong.

The key is your property. So is the copy. He fails to return it: theft. Jail. Happens every day. Check your court's records.

Only loophole: say you "lost" the car key. Or the passwords. Maybe you can convince the judge.

Work passwords are exactly the same - intellectual property, belonging to your employer under work for hire rules.

Ask an attorney if you don't believe me.

Or just ask yourself how you ever replace a network or systems admin who doesn't feel like letting you?

Re:Mmmmm... No.

[DavidTC]

And if you do something they assert work for hire, and didn't make them a copy, can they arrest you? NO

Like I said, they have to go to court to get a decision on it, and the court will then enforce it, and if you fail to turn it over, you're in contempt.

And, incidentally, passwords are not copyrightable. They are entirely functional, and designed not to be published, and perhaps most important, are never fixed in any sort of media. (Computers usually hold hashs of passwords, not passwords.) So are about as far away as copyrightable as possible, and so cannot possibly be a 'work for hire'.

Not to mention, um, you can't be forced to reproduce a 'work from hire' from memory. Even if we work in this insane theory that the city owns the copyright of the password, and can demand he not produce copies of it, and even turn over all tangible copies of it, they still can't make him produce a copy from memory under that theory under any circumstances.

There is no theory of copyright law where the copyright holder of a work can require someone else to produce a copy of said work simply because they have lost theirs. That's just idiotic. And being forced to 'generate' a copy is even more inane.

So to recap:

1) Passwords are not copyrightable, as they are never fixed in a media.
2) Even if they were copyrightable, the idea that this one is a work for hire is dubious.
3) Even if it was a work for hire and the city the legitimate copyright holder, no theory of law would allow them to demand that someone else recreate said work and give it to them. If they lost their copy, they lose. (And if no copy was made, it ipso facto cannot be copyrighted, see 1.)
4) Even if a theory of law did demand that, we run into the original objection in that you can't simply arrest people by asserting that, you have to go to civil court and get a court decision requiring him to do that, and then arrest him for contempt if he doesn't. It's not 'theft', it's not a crime, it's someone withholding something and causing economic harm, and hence it's a civil problem.

I'm 100% sure of all those except 2, which might be true, except that I know 1 isn't so it's rather moot. Maybe it's you who shouldn't be giving legal advice here.

As it is, there are plenty of legal theories were he could be forced to turn over the password. (Copyright is not one of them.) However, the actual objection to those is still #4, the way to force someone to turn over a password is to sue him for said password and once the court says he has to, he'll be arrested on contempt of court.

Even if people have legal obligations to other people, they cannot get arrested for failing in those obligations unless such failure is an actual crime. (Or they deliberately committed fraud.)

This is why they didn't arrest him for failing to turn it over...they arrested him on absurd bogus charges of some sort of malicious planning.

Re:Mmmmm... No.

[Concern]

If they do something stupid with it, then maybe _they_ end up in jail.

No, if they do something stupid with it, then maybe you end up in jail, because it was still your "responsibility" even though they made it impossible for you to uphold that responsibility. In other words, if you hand out your passwords you become a ready-made scapegoat.

Basically, it's a no-win situation. It's essentially equivalent to getting fired, except they screw you out of the rights you would have had if you were fired explicitly.

Not true at all. You can always quit. If you do, just don't steal any company property on the way out. Passwords are the company's (or government's etc) intellectual property.

You will not end up in jail.

Or stay on, object in writing, get the demand in writing, and then you are clear.

Ask an attorney if you don't believe me.

Re:Mmmmm... No.

[Concern]

The problem with pp's point of view is that it's not always that cut-and-dried.

Yes, it really is.

You can be asked to do something dumb, immoral, or illegal at work. Happens every day. Your options are simple:

Document it as best you can. Contact the authorities and the media. You can quit at any time - just don't steal anything on your way out. For instance write down passwords on paper, hand them to your boss, and then walk out. Also happens every day. If it happens to be the govt you work for, then tell your story to the people. Maybe a DA sees fit to prosecute. Maybe someone loses an election. Happens a lot (thank god).

If you don't want to quit, object in writing, get the instructions in writing, and then do as you're told. You're free and clear, legally at least. You just have to sleep at night.

If this guy actually believed his boss was too stupid to be his boss, and turning over the company's property to him would lead to dire consequences, he'd have followed the law, and then laid back and become a whistleblower. If he was right, it'd be his boss in court/jail in the end.

Instead I'm afraid it's increasingly obvious he didn't really believe this.

Re:Mmmmm... No.

[Fred+Ferrigno]

What part of the work for hire laws impose a criminal penalty for refusing to recreate the work on demand? If I compose a song for my employer and my employer loses the only copy, then they can't put me in jail if I don't feel like producing a new copy. At worst, they can fire me.

It's the employer's responsibility to ensure that their property is stored safely. If Childs had died in a car accident they'd be in the same situation. If you can't figure out a better way to store passwords than in one person's head, you're just asking for trouble.

P.S. Let's not pretend that anyone is basing their legal decisions on the say-so of a random Slashdotter, whether or not he is a lawyer.

Re:Mmmmm... No.

[DavidTC]

At worst, they can fire me.

Well, no, at worse they could sue you and get the court to order you to produce said work and hold you in contempt when you didn't.

Of course, this absurd for copyrighted works, but, OTOH, it's absurd to pretend to that passwords are copyrighted anyway.

If they did sue, they'd probably win a lawsuit demanding passwords to their own equipment. There's plenty of legal theories that could happen under, just not the insane example of copyright.

But the point is, if they are suffering wrongful harm at your hands because of your failure to do something, the actual correct behavior is to sue to you, get a judgment against you, and then the court will enforce it. If you fail to do the thing after the court has demanded it, they will lock you away until you do.

It is not to throw you in jail, even if they do own the police.

Re:Mmmmm... No.

[Fred+Ferrigno]

Well, no, at worse they could sue you and get the court to order you to produce said work and hold you in contempt when you didn't.

Really? If Sony lost the master recording to "Beat It", you think a court is going to tell Michael Jackson to head back into the studio to re-record it?

Re:Mmmmm... No.

[wrook]

They have decided all this means he was planning to bring the network down for some unspecified reason. Of course he could bring the network, any network admin knows enough to bring the network down. If they don't, they don't know enough to do their job keeping it up.

I don't have any idea what the prosecution is thinking, but what you say totally right. I mean, what's the easiest way to bring down the network as a network admin? Simply decide to sleep in one day. Those guys are always having to recite magical incantations to keep everything up.

I helped out with this stuff (I'm definitely not qualified) in one of the small companies I worked with. I vividly remember the day I came to work and my boss said, "I just got a phone call saying that we sent somebody 40 gigs of spam in the last hour". All I could think to say was, "Oh, *that's* why we don't have any bandwidth right now..."

Re:Mmmmm... No.

[DavidTC]

No, they couldn't, but as I pointed out, copyright is a completely batshit insane legal theory to be operating under. Password are not copyrighted, and 'Concern' post is total fucktardary.

If a bank manager walked out on the job with the only bank vault combination, and the banks had a choice of either getting it from him or destroying their million dollar door....yeah, the courts might order him to turn it over.

Not under the insane theory of copyright, but under the theory that part of their job was to make sure their successor could get into the vault, and by failing to do their job they possibly have cost the bank millions, and the bank would either like the combination or those millions.

And, of course, he could rebut this by claiming that is not, in fact, part of his job, etc, whatever. I'm not saying the person bringing suit would win, I'm saying there's valid grounds for a suit.

Re:Mmmmm... No.

Nope. Just quit. Only thing is don't try to steal anything on the way out the door. Including intellectual property such as passwords, which are your employer's under Work for Hire rules.

Summary of the law: http://en.wikipedia.org/wiki/Work_for_hire

I note you neglected to address the GP's point of you seeing his specific contract. He's an IT engineer in California, not a programmer hired to write software.

So yeah, you're just pontificating.

You can't steal a password which was given to you (or which you created). Or are you saying that the premise of that "Paycheck" movie is a legitimate contract and the assumed default - that your mind is erased to the point of hire when terminated?

Re:Mmmmm... No.

[Concern]

And if you do something they assert work for hire, and didn't make them a copy, can they arrest you? NO

No, but the police can. Copyright has civil and criminal dimensions. And as I said, copyright isn't even the only issue here. Just an illuminating one.

I presume you're not the country's worst attorney - and only pretending to know the subject. I dare you to consult a real attorney about this. Report on back with who you talked to, and what you find.

In the meantime, you have presented a mountain of extremely dubious theories - virtually everything you've said, point by point, is wrong.

More than that, it's quite obvious you don't believe any of it.

If you believed it, you could assure us you've always been up front with others about your novel theories on what your rights are with those you work for. Not just here, but in "RL." If you believed it, you wouldn't mind discussing your thoughts on your employer's passwords (or are they your passwords?) in your next job interview. Just to make sure everyone was on the same page, you know.

I was trying to keep you out of trouble, but I wash my hands of you. If you refuse to consult an attorney and would rather live in a fantasy, then my advice would be to wear it on your sleeve. Don't hide your beliefs from those around you. Make sure everyone else knows what you consider your rights to be.

We both know it's advice you won't take, though.

Re:Mmmmm... No.

[Concern]

Don't believe me, or this hypocrite - who you just know doesn't feel like sharing his novel theories on password ownership with his bosses as freely as he does with us. Ask an attorney... doubly so if you're planning on doing anything crazy at work.

Here's how I understand it. Then you can see if I got it right.

A performance isn't intellectual property. A recording is. If you have a recording, and you lost it, the performance (or another one) is unrelated. No forcing MJ back into the studio.

A password isn't a song. "Performing it" can be considered the same as simply returning it to its owner. And then it comes to records.

With a song, there are normally notes, or draft recordings, or other materials. They may be in your possession, but if you made them for work, unless you have a contract that says differently, they're work for hire materials and they belong to your employer.

With passwords, it's not what they call "customary" or "standard" to keep the only copies of them all in your head. Even if it could be accepted in court that someone was only committing some "fucktardary", to use DavidTC's term, rather than deliberately hiding stolen goods, you have a whole other set of problems now.

Say you quit. And say not long after, your employer realizes that the notes and materials that are customary to your work are missing.

Maybe you didn't give them back, or maybe you did a negligent job. The court and the cops can turn up asking for them. Try saying, "no, don't have them, sorry" then it's up to a judge to decide whether you're telling the truth. Negligence and damages, or willful contempt and theft, your choice. And if you think jail isn't a risk at this point, well... good luck to you.

Then compound the fun by saying, "I know the passwords, I just won't say them. You can't compel me to perform." Or even better, do what this guy did. Perform, and give the wrong ones out.

You know what that looks like to a judge? Hilarious. Get ready for jail time.

You know the prosecutors in this case went with computer crime laws because prosecutors find the nastiest charge they can make stick, and those laws are terrible - vague and with huge penalties, many of them dating back to the years of Kevin Mitnick. For better or worse, it's how the system works. You don't charge someone with 12 counts of assault when they're also a murderer.

It doesn't mean walking off with your company's passwords isn't theft. Hence discussing this in terms of copyright:

* the passwords are intellectual property and if you were paid to make them, they're not yours,
* they have value (maybe a lot of value),
* depriving your employer of them causes harm (maybe a lot of harm)...

Well, like I said, don't take my word for it...

Re:Mmmmm... No.

[DavidTC]

You moron, I have at no point asserted that employees have the right to keep passwords from their employers. They have no such right. The courts could, and probably would, demand they get turned over.

I have simply asserted that your theory that passwords are copyrighted works for hire and hence can be forced to be reproduced is Completely Fucking Stupid for multiple reasons, mainly because a) passwords aren't copyrighted in the first place, and b) companies cannot make people reproduce works for hire if they can't find a copy of them. (Not 'turn over', reproduce. You can't make someone resign a song or redraw a painting, if you lost the copy you paid them to make. You can't make someone reproduce a password by writing it down. Of course, passwords were never 'produced', never written down in a fixed media in the first place, so by definition can't be 'reproduced' or, for that matter, copyrighted, which require the work be fixed in a medium.)

Re:Mmmmm... No.

[Concern]

Prosecutors always use the toughest charge they can get to stick. That's how the system works. In this case, they're using the shitty, shitty computer crime laws, because they are vague and they carry big penalties. These are not good laws to have on the books - no arguments there.

But imagine I work for you:

* I lock up all your hardware and quit.
* For argument's sake, say we even had "controls" - I just ignored them and changed the passwords and kept the new ones to myself.
* I claim I keep all the passwords in my head. I have no written or digital materials w/ the passwords in them. (Do you believe me? Would this be up to the customary standards of the industry?)
* I think I'm pretty clever, pulling that one. Maybe now the cops will believe I've got no tangible or digital work products (whether or not there are).
* I tell you your passwords belong to me, not you, and the only way I'll give them to you is if I feel like it. Why, if it weren't so, I'd be a new sub-class of citizen. I'd be a slave!

Well, it's too much to hope someone will run you through this scenario so we can see if your opinions change.

I'd say your salute looks a little timid from here, though, Kelly. Something tells me you don't salute him at work, and you won't be saluting for this righteous behavior at your next job interview either.

I'll give you this much. Do you really believe he doesn't have a physical or digital copy of those passwords somewhere? That there really isn't any physical or digital stolen goods? Then he should go down for negligence, and the bevy of ordinary laws that cover sabotaging your employer. "Computer crime" - this case just shows how badly those laws are written.

Re:Mmmmm... No.

[Concern]

You moron, I have at no point asserted that employees have the right to keep passwords from their employers. They have no such right.

Really? I could have sworn this was you:

Well, congratulations on making up laws, but, no, there's no law requiring you tell people passwords, even to their own systems.

You know, babyish insults kind of give up that you are a baby, David. And what's moronic? Contradicting yourself in a written medium like this, when it's so obvious. People generally read these in chronological order, you know.

The courts could...

Yes, do tell us about what the courts will do.

No doubt links to examples, evidence, citations are missing only because they mess up your conversational "flow."

Well, on the extremely remote chance you are not actually just a slinking hypocrite with a vivid imagination, without the guts to say any of this to the faces of their current or future employers, you might end up in court yourself one of these days. My advice: don't go pro se.

Re:Mmmmm... No.

[DavidTC]

Just because there's no law tell you to do something doesn't mean courts can't impose it as a civil penalty, you fucktard.

Do you not even grasp the difference between the penalty imposed by a civil trial and a criminal action?

I can't even begin to explain how utterly stupid that.

If you car coasts into my house by accident, do you really think the police can arrest you right then if you don't pay some random amount pulled out thin air by me? Because that's exactly what you're arguing with the password.

In reality, I can take you to court, where the courts would decide what sort of penalty you have to pay me. And then it would be enforceable under the law. Although you'd still not get arrested 'for it' if you refuse, you'd get arrested for 'contempt of court'.

There is no law stating 'You must give people passwords to systems they own'. You're the idiot who keeps moaning about cites, how about you cite any law that can be vaguely interpreted in that manner? Any law that would let the police arrest someone they saw doing that. Go ahead, I'm waiting.

That doesn't render the court unable to impose that, or almost anything else, as a civil remedy to wrongdoing in a civil case.

Microsoft once lost a court case and had to reveal the Windows API as a penalty, something which had never even been mentioned in any previously existing law. As far as the law was concerned, 'the Windows API' didn't exist, and so it certainly wasn't 'illegally' to not release it before that point. And yet the judge said they had to do it, so they did, or risk arrest for contempt.

Re:Mmmmm... No.

[Concern]

Just because there's no law tell you to do something doesn't mean courts can't impose it as a civil penalty, you fucktard.

Ah, but, if there's no law that's been violated by stealing the passwords... how could we be in... court?

Does the court entertain cases, render judgments, or imposes penalties, civil or otherwise, on the basis of anything... besides... laws?

Have I upset you? You seem to have stopped making sense.

do you really think the police can arrest you right then if you don't pay some random amount pulled out thin air by me?

It may be psychological, rather than legal help, that would benefit you at this point.

Do you suggest theft or property destruction have no criminal components? That police need wait for a civil action to lock you up for them?

Do you suggest that this applies to physical property only - or perhaps that intellectual property is also covered under the criminal umbrella?

I hope you're not planning on driving into anyone's house just to prove a point. :)

how about you cite any law that can be vaguely interpreted in that manner?

I did already. Can I help it if your version of "interpretation" consists of fallacious nonsense and insults?

Microsoft once lost a court case and had to reveal the Windows API as a penalty, something which had never even been mentioned in any previously existing law.

Not true.

Or do you suggest the judge could have decreed that Bill Gates stand on his head until he turned blue?

And why not?

Because of... governing... law...?

In "US v Microsft," everything that occurred in that case was covered by law, including the remedies. Your argument seems to be that if a law gives latitude to a judge, for instance by saying "all the numbers between 1 and 100" and the judge says "55," this was somehow not governed by law...

Hey David - there's no law against stealing salt shakers and pepper mills. I hope this won't encourage you to commit... petty larceny. :)

I notice you avoided citing anything, again, which is fine - I'm sure no one expected you to. But I am still curious: are you a frightened hypocrite, who wouldn't dare talk about his novel theories about his conduct with his employers and their property in the real world... who obviously knows he speaks falsely?

Or is it just that you're an honest man, with a babyish attitude and spoiled child ego, who may actually land in prison one day?

Very entertaining either way. Really can't lose. :)

Re:Mmmmm... No.

[Fred+Ferrigno]

I think you are taking the concept of "ownership" of intellectual "property" too literally. If I have a car in my possession that is owned by someone else, they can take me to court to force me to turn it over. If I have the only extant copy of an obscure piece of software, the copyright owners can't force me to give that copy to them. That's because they don't own the copy, I do. They "own" the exclusive right to copy the software. If I'm not trying to copy the software, what I do (or what I don't do) with my copy is none of their business. I can lock it away in a vault and never let anyone see it ever again.

Now, maybe there's some other legal rationale for why the company could compel me to give them my copy, but it wouldn't be based on copyright. Perhaps I agreed to some contract or EULA that says I have to give it up on demand. Perhaps the company can show that I obtained the copy illegally and it was never really mine.

In this case, Childs doesn't even possess a copy of the supposedly copyrighted material and surely isn't trying to make copies of it. Copyright creates no obligations for him to do anything, not to "perform" or copy or whatever. "Nah, I don't feel like it" is a perfectly acceptable response from a copyright perspective. DavidTC may be right that the terms of Childs' employment carry some implicit obligation that isn't discharged even when he's fired. I don't know. Regardless, whatever that obligation is, it does not come from copyright.

Re:Mmmmm... No.

[Tuoqui]

If that is the case then we can demand that Blu-Ray Player manufacturer give us the encryption keys? After all the Blu-ray player is your own system what right do they have to keep their encryption keys secret?

Re:Mmmmm... No.

[Tuoqui]

This one, among others probably. Your work passwords are the intellectual property of your employer.

Ok so I can I start copyright, patent, trademark or trade secret numbers now? lemme start by copyrighting 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0...

No. Not your job to decide what's authorized. Your manager decides what's authorized. He/she gives you an order, you follow it or quit, your choice. Just don't steal anything on the way out.

Actually it is his job to decide who is authorized as the role of Network Administrator/Chief Information Officer (not sure which title he held exactly). That is their role to ensure the security of the network from threats both external and internal. He apparently felt comfortable handing off the passwords to the person with the ultimate authority (The Mayor) but the underlings in question. If this were a company then him in Network Admin/CIO role would mean that he only answers to the CEO in this case the Mayor. He did his job and he did it right from what I see.

IANAL but I play one on Slashdot... but the original comment about the HR person not being authorized to have the password may be a valid concern/complaint. Passwords are supposed to be secure and on a need to know basis and the HR person doesnt need to know. Only other Network Admins and the Mayor would be in the 'need to know' category.

Re:Mmmmm... No.

[DavidTC]

Ah, but, if there's no law that's been violated by stealing the passwords... how could we be in... court?

...stealing passwords? How stupid are you? His behavior isn't even metaphorically stealing passwords.

Does the court entertain cases, render judgments, or imposes penalties, civil or otherwise, on the basis of anything... besides... laws?

Um, actually, yes. Civil law is based on the concept of harm, not on the concept of legality.

You can harm people, and forced to pay damages, without breaking the law in the slightest sense.

Likewise, you can break the law, be arrested and convicted in criminal court, and yet not be liable for any damages in civil court.

On top of this, to add to the confusion you'd have if you had managed to grasp even the simplest part of this, there are civil laws about what consists 'harm' and what the damages should be. Like 99% of copyright law. (The criminal aspects of copyright law are only applicable with very high volumes.)

So there are 'laws' that breaking of them cannot get you arrested.

Or do you suggest the judge could have decreed that Bill Gates stand on his head until he turned blue?

Limited liability corporations do not pass on liability to their corporate officers or owners. Nice grasp of the law you have there, thinking Bill Gates could be punished for the actions of Microsoft. (And, more to the point, that's a 'cruel and unusual punishment', you imbecilic. People couldn't be given that punishment anyway.)

In "US v Microsft," everything that occurred in that case was covered by law, including the remedies. Your argument seems to be that if a law gives latitude to a judge, for instance by saying "all the numbers between 1 and 100" and the judge says "55," this was somehow not governed by law...

No, I'm suggesting that nothing that occurs in civil court is something people can be arrested for. (Even ignoring the fact it's a corporation and can't be arrested anyway.)

Do you suggest that this applies to physical property only - or perhaps that intellectual property is also covered under the criminal umbrella?

First of all, intellectual property is not covered under the 'criminal umbrella', whatever that means. It's covered under an entirely different set of laws that are civil, not criminal. (Mostly.)

So, to recap, you have absolutely no idea of the difference between criminal and civil law, and you have absolutely no idea of what a 'corporation' is, and you don't understand that copyright is a different set of laws than theft.

I notice you avoided citing anything,

I'm not citing because I'm telling you basic knowledge. If I was writing a paper about this I wouldn't cite, as people are expected to know it function in society.

Oh, and I did cite when it was obscure. Way back when, when I pointed out that copyright requires the work being fixed in a medium. That is the bedrock foundation of copyright, there must be an original 'copy' that cannot be copied.

There are lots of rules that only apply to different types of copyrights, like TV shows vs. computer programs, but the 'fixed medium' rule applies to them all, including whatever copyright category you're insanely classifying passwords under. All copyrighted works must be fixed in a medium. Passwords are not fixed in a medium, they aren't stored anywhere at all, and hence, under no circumstances whatsoever, can they be copyrighted in any category, end of discussion. (And there are plenty of other objections, like they're wholly functional, and too short, etc, but 'no fixed medium' would get your case dismissed at the moment of filing, as you'd have to submit a copy of it.)

You just ignored it when I said it then, so I don't know why I should cite more. But, hey, here you go for a start at learning the difference between criminal and civil law.

Re:Mmmmm... No.

[Concern]

...stealing passwords? How stupid are you? His behavior isn't even metaphorically stealing passwords.

OK. He... borrowed them and didn't give them back? :) LOL.

Um, actually, yes. Civil law is based on the concept of harm, not on the concept of legality.

Civil liability is governed by law. :)

You can say that running afoul of some tort, be it slander or assault, is "not illegal," because it's a civil matter. No mind that you can still end up in court, and jail if you don't cooperate - just that the government may not enforce them.

But your real problem is that many things, from assault to copyright, are both civil and criminal. Look at your own tortured parenthetical admissions ("Like 99% of copyright law. (The criminal aspects of copyright law are only applicable with very high volumes.)", "(Mostly.)").

You didn't cite any sources, again, but that's because you're lying. The bar for criminal copyright violation is quite low, for better or worse. Similarly with assault, etc.

The next time you assault someone, try telling the police you can't be arrested, because what you did is "not illegal."

Limited liability corporations do not pass on liability to their corporate officers or owners. Nice grasp of the law you have there, thinking Bill Gates could be punished for the actions of Microsoft. (And, more to the point, that's a 'cruel and unusual punishment', you imbecilic. People couldn't be given that punishment anyway.)

You seem easily confused.

This was an example of something a court couldn't do.

You've pointed out some of the reasons why not, which is good.

Your original point seems to have been that laws don't exist which govern what you do with passwords. ("There is no law stating 'You must give people passwords to systems they own'.")

You went as far as to imply that laws did not govern the outcome of US v Microsoft, either ("Microsoft once lost a court case and had to reveal the Windows API as a penalty, something which had never even been mentioned in any previously existing law").

You have now neatly showed that you were wrong, and that, as I said, laws governed every aspect of US v Microsoft. Thank you.

To restate (again) there may be no law against stealing a salt shaker. Just more general laws; more general codes for police conduct, and more general latitude for civil remedies and criminal penalties. Try stealing one and see what happens. Tell people "there's no law against stealing this salt shaker."

First of all, intellectual property is not covered under the 'criminal umbrella', whatever that means. It's covered under an entirely different set of laws that are civil, not criminal. (Mostly.)

So by mostly, do you mean, actually not at all? :)

I'm not citing because I'm telling you basic knowledge.

Common excuse given by liars and charlatans to help conceal a knowing error of fact. Also popular among the lazy.

Passwords are not fixed in a medium

If they weren't, they could never be used. They're stored in the computers that they are used to govern. Length and functionality don't matter a whit to copyright as far as I know. There are other defenses that may come to bear - you haven't said any of them.

If merely storing something in "encrypted/hashed/obfuscated" etc. form means it is not actually copied or stored, what a great loophole in copyright you've found! Woohoo! Perhaps the same defense will work with mp3s? It's party time. :)

It's also customary to keep a secure record of passwords at any installation of significant size, complexity, or monetary value. Many reasons for this which should now be painfully obvious, not least that there are usu

Re:Mmmmm... No.

[DavidTC]

The bar for criminal copyright violation is quite low, for better or worse.

Um, did you bother to read that cite? Did you follow through to 506? Ironically, you just disproved your own point and even what I said about 'mostly'.

Criminal penalties only apply for copyright if, and I quote, it is 'a computer program, a musical work, a motion picture or other audiovisual work, or a sound recording'.

All those things are very well defined, and a password is none of them. (And before you argue it is one of them, actually cite the definition first, or I'll ignore it. You don't get to pretend you know what those things are defined as, they are very explicitly defined in copyright law.)

I was under the mistaken impression criminal penalties could apply to written works, which is all anyone could argue a password is. They cannot. Criminal penalties cannot apply here.

If they weren't, they could never be used. They're stored in the computers that they are used to govern.

As pretty much everyone who's worked with computers at all knows, this is simply factually wrong. Passwords are not stored in computers. A hash of the password is stored.

If merely storing something in "encrypted/hashed/obfuscated" etc. form means it is not actually copied or stored, what a great loophole in copyright you've found! Woohoo! Perhaps the same defense will work with mp3s?

Yes, if you only record a hash of music instead of the actual music, you have not produced a copyrightable piece of music. (This is a bit moot as you don't have a copy of said music anyway, so it'd be a bit hard stopping people from copying something that doesn't exist.)

This isn't the same as saying that making a hash of an mp3 and trading it isn't a copyright violation...although it actually isn't. If you can't turn it back into music, it does not count as a 'copy'. (You , of course, are about to argue that 'hashes' can somehow be turned back into music, because you are a moron and don't understand what a 'hash' is.)

However, even if the original copy is the copy in the computer, he still didn't have a copy and can't be forced to turn it over, moron.

I swear to God, you have produced the most fucking stupid legal theory that ever existed. Even if you're 100% right about passwords being copyrighted, you're still completely wrong as he clearly didn't make a copy, and hence cannot be in violation of copyright. (You're about to argue that the copy 'in his head' counts, but a) no, remembering stuff really isn't a violation of copyright, but as you're a moron who doesn't understand copyright, I point to b) he made that 'copy' as part of his job in a presumable legal manner.)

Re:Mmmmm... No.

[Concern]

The bar for criminal copyright violation is quite low, for better or worse.

Um, did you bother to read that cite?

Yes.

It proves that you were wrong about "like 99%" and "very high volumes."

I would suggest admitting it and apologizing when things like this happen. It will make you look the better person.

It also does not indicate what you claim (more below on that).

Did you follow through to 506?

Yes.

Ironically, you just disproved your own point and even what I said about 'mostly'.

Criminal penalties only apply for copyright if, and I quote, it is 'a computer program, a musical work, a motion picture or other audiovisual work, or a sound recording'.

You are wrong again.

There are multiple sections governing criminal penalties. There are specific penalties for violations relating to 'a computer program, a musical work, a motion picture or other audiovisual work, or a sound recording' - that's 2319 (d), here. They are not the only ones. The penalties for written works are simply different. For instance, examine the foregoing sections (b) and (c) of 2319. I gather that you do not know how to read the law, so I will also provide an analysis: here:

"Increased penalties of up to five years imprisonment and $250,000 in fines were available only if the infringement involved reproduction or distribution of motion pictures, audiovisual works and sound recordings. Repeat offenders were subject to the maximum fines regardless of the number of copies or types of works involved. All other offenses continued to be misdemeanors with maximum fines of $25,000 and one year imprisonment."

I'm increasingly surprised by your desire to assert obviously incorrect facts about the law. It's a peculiar thing to do. The law is there in black and white, along with famous cases, commentary, etc.

Even if you can't understand the materials you are reading, doesn't common sense come into play at some point? Do you really believe there have been no criminal charges relating to copyright violations regarding written works? These laws date back to an era before television and radio.

You obviously have some interest in and passion about the law. Why not read more deeply, or even consider studying it? By emotionally insisting on your guesses about what you don't understand, you make yourself look ridiculous. At this point I am really becoming embarrassed for you.

As pretty much everyone who's worked with computers at all knows, this is simply factually wrong. Passwords are not stored in computers. A hash of the password is stored.

You are wrong again, in two ways. First, the minor way: although hashing passwords is good practice, it is not universally done.

The standard methodology in Unix-variants for many years was to encrypt the password using DES; the stated goal was a one-way process. Passwords can indeed be extracted, however, much to everyone's chagrin, hence the use of shadow files and so forth. Microsoft windows has, over the years, used reversible encryption.

Second: Say that all of the hardware in question only stored hashes of the passwords in question. This also isn't relevant to the "password records" example that I gave, describing common industry practice, in which passwords are recorded as working notes.

I notice you didn't respond to this.

If you can't turn it back into music, it does not count as a 'copy'.

On this point, you are correct.

...he clearly didn't make a copy, and hence cannot be in violation of copyright.

Perhaps you didn't read to the end of my last email. You're response is a non-sequitir.

Re:Linux

Of course, smaller dicks.

Re:Linux

[MrNaz]

If he's a Mac user, then all I can say is... ...That's no butt plug...

Plagarism

Editors,

Could you at least read the first two paragraphs of the links in the submission, instead of posting plagiarized text? I mean, it only takes a couple of seconds to follow the first link and read a two sentences.

The techie media is getting it right...

[DigitalSorceress]

If things went down like Childs said, then he was indeed doing his job correctly. I've got root level access to all our Linux servers and several of our AD domains due to the work I do. However, I'm not the network admin. I would not give any of the passwords to anyone (including my boss, the head of IT), and instead would direct the requester to our head network/infrastructure guy.

I happen to know that he would refuse to just give out root passwords to management just because they wanted it. The only people with that level of access are those who need it for their work. This is how things SHOULD BE.

Now if Childs was the only one with the passwords (which from the standoff, I guess he was), then he may be guilty of forgetting that you NEVER put all your eggs in one basket. Were I in Childs' position, I would have been concerned what would happen to my network should I get hit by a bus. However, I can't believe he wouldn't have a PFY to share the info with. You always gotta have a second.

Re:The techie media is getting it right...

Not right - that is insubordination. You have a very distorted idea of what your job is, hopefully you do not have a wife and children depending on you, because sooner or later you are going to end up leaving them high and dry.

Re:The techie media is getting it right...

[HikingStick]

Your "hit by a bus" scenario hits the nail on the head. I've been working for the past nine months to establish an IT department that, previously, did everying as an IT ad-hocracy. Passwords, which were once kept in an MS Word document on the LAN, are now tucked away safely in my grey matter and archived in an encrypted password storage application. That application has a password that is 45 characters long. The safeguard, in case I am ever "hit by a bus" or otherwise relieved of my duties is this: the two senior officers have copies of the password in an appropriately sealed and labeled set of envelopes that are kept in two separate, locked locations. If I'm ever gone and they need the passwords, they can unlock the safe, open the envelope, and get into the password storage and retreival system.

Re:The techie media is getting it right...

[DavidTC]

Wrong. If the company policy says one thing, and your bosses say another, the company policy is still correct. If the company policy says management doesn't get the password, they don't.

Anyway, the point isn't whether or not he should be fired. The city could fire them if they wanted, although good luck finding a replacement.

What they did, however, was have him arrested.

Re:Press Interviews while incarcerated

[R2.0]

I get the impression that his defense is not going to be "I didn't do it" but "I did it, but it's not a crime"

Personally I think he's holding out for the fat paycheck at the end of the inevitable lawsuit, and good for him. This whole thing is about the city of SF trying to save face.

Power struggle.

[Vellmont]

It seems to me the whole thing is really about a power struggle with a recalcitrant employee. Someone with a lot of authority in City Government sicked Johnny Law after this guy when he refused to give out the admin passwords. The city then calls up the media, lets out the dogs, scarlet letter, the whole 9 yards.

In reality, is failing to reveal an admin password a criminal offense? Have we really gotten so strange in this day and age that some passwords are now considered "property"?

I have no problem with him being fired. He sounds like a control freak who took the whole system to be his personal baby. But the charges against him sound more like someone is pissed off, and trying to take it out through the court system.

Re:Power struggle.

[odin84gk]

...Have we really gotten so strange in this day and age that some passwords are now considered "property"?

I have no problem with him being fired. He sounds like a control freak who took the whole system to be his personal baby. But the charges against him sound more like someone is pissed off, and trying to take it out through the court system.

Are your car keys considered property? If your employer gives you the keys to a company car and you refuse to return the keys, wouldn't that be the same thing as you refusing to return the car?

Lets say I'm paying an engineer to design a new widget. Sure, I want the final widget, but I also own their designs, their firmware, their manufacturing plans, and everything in between. Holding a password is the same as refusing to release the old work to management.

Re:Power struggle.

[Alzheimers]

Have we really gotten so strange in this day and age that some passwords are now considered "property"?

If I steal the keys to your car, who owns your car?

Re:Power struggle.

[Attila+Dimedici]

He got arrested because even after they fired him he wouldn't give them the passwords. How are they supposed to manage the network if the only guy who knows the passwords is the guy you fired?
So by refusing to give them the passwords when they fired him, he was denying them access to their property. On the other hand, I agree with the people who think this whole situation smells of a bigger problem somewhere.

Re:Power struggle.

[sheepofblue]

Yep what if he had stated that he forgot them or ala Clinton I cannot recall. The fact that more than one person did not have them is the real problem. Any business (or agency) that trusts the keys to its entire system to only one person fails the beer truck test. Thus needs to be fixed. This was obviously a bad employee who had a intimidating confrontation (by design) and made the wrong choice. Then over zealous bureaucrats got stupid. Sadly only one of the people that were acting like children is in jail.

Re:Power struggle.

[hobbit]

I do, because stealing something doesn't change ownership.

If, however, I employ you to keep my car keys from me when I'm drunk, and you give them to me anyway, on the basis that I asked you to and I'm your employer, are you doing your job?

Now, of course, this analogy breaks down because they fired him, so it wasn't his job to withhold passwords from them any more. But the question remains, was it his legal obligation to provide them?

Re:Power struggle.

[GameMaster]

The problem with you're analogy is that car keys are a physical object. While they may not be worth much, it is still, at least, a petty offence to steal them.

A better analogy might be if I employ someone as a driver and then require them to take my keys to Home Depot and use their own money to make a copy without reimbursement. At that point, that copy is his/hers. Just because I fire that person doesn't give me the right to demand that key back even if the car's owner happens to loose the original. Of course, you still own the car but, unless that person tries to use that key after being fired, they haven't commited a crime just having it.

Re:Power struggle.

[Vellmont]

He got arrested because even after they fired him he wouldn't give them the passwords.

Is refusing to give out a password illegal? How?

How are they supposed to manage the network if the only guy who knows the passwords is the guy you fired?

I don't know. How would the manage the network if the guy got hit by a bus?

The problem of an unknown password that can't be reset is much larger than one guy going for a power grab. There's various ways to solve this, but one of them isn't throwing a guy in jail, charging him with 4 felonies and pretending it's all his fault.

Re:Power struggle.

[Vellmont]

If all you've got are analogies, you've already lost. "If X's were Y's, then I'd be correct!". Reasoning by analogy might reveal your thinking and be an interesting intellectual exercise in connecting unlike things, but it makes an extremely poor argument.

Re:Power struggle.

[DavidTC]

I think the point that people are missing is that even if you have the right to demand the key back (Or, actually the right to make your own copy of it, as we're being careful in the distinction between physical property and ownership of knowledge.), you don't have the right to arrest the person if they fail to do so, even if you're the government.

You want to force them to do something, you do it the same way that everyone does...you bring suit against them. Even if you have the 'right' to force them to do something, even if it's an actual law stating you have a right to that knowledge, you can't just arrest people for failing to turn it over...you show up in civil court, present your case, and get a judgment decreeing they must turn said key over to you. At which point, if they still refuse, they will be held in contempt of court and arrested for that.

The city, however, owns and operates the police, so apparently someone decided to take a bit of a shortcut here.

Re:Power struggle.

[GameMaster]

I agree that the correct venue for this, probably, should have been civil court. However, even there I would tend to think that it would still have nothing to do with returning the actual key/password (not the least of which because by the time the case was heard a replacement key/password would have long been attained). The civil case, as far as I can see, would have more to do with the employer trying to prove that not returning providing the password/key before leaving employment represent malpractice on the part of the network engineer/driver (in order to bring the car analogy in line here the original key would have to have been lost before the driver was fired and he/she would have been fired for not allowing the car's owner to make a copy of the driver's copy).

Re:Power struggle.

[AK+Marc]

If your employer gives you the keys to a company car and you refuse to return the keys, wouldn't that be the same thing as you refusing to return the car?

No. If the car was in my garage and I was denying use to the city, then yes. But that's not what happened. He has a set of keys he made with his own money that don't belong to the city. The car is in use by the city and at no time was use denied to the city. The city lost their own keys to the glove box, and are throwing him in jail because he didn't give his personal keys to the glove box back fast enough.

Lets say I'm paying an engineer to design a new widget. Sure, I want the final widget, but I also own their designs, their firmware, their manufacturing plans, and everything in between.

Lets say that the employee makes a sketch of a new idea on that widget at home. Do you have the rights to the pen he used and that paper in his house? We'll all agree he can't go out and sell that sketch to someone else, but do you then have the right to break into his house and take it by force? If he sketches it at home, decides it isn't good, and throws it away, can you put him in jail for not including that sketch with the working widget under a file "failed designs"?

Re:Power struggle.

[AK+Marc]

He got arrested because even after they fired him he wouldn't give them the passwords.

Good for him. His obligations to them end the second he's fired. To fire someone then ask for something after is just plain stupid. The only crime here is the city abusing the fact that they run the police, prosecutors and such to use their power to harrass a former employee.

By Law?

Can you please cite the CA law which requires such action?

Re:By Law?

Ah. Never been in the workforce, I see. Google "work for hire" and you will be enlightened.

Original story?

Does anyone have a link to the original story? I remember it was on Slashdot before, but TFS mentions this issue as if everyone would have the previous story bookmarked...

what is actually claimed in the affivadit ..

[viralMeme]

Does anyone find it curious that the city managers claim they couldn't get access to the system without Childs passwords. I mean how difficult is it technically to reset a password, especially with physical access to the system. And with most reported 'news' nowadays, the facts keep changing with each new itteration:

Sep 10 2008 "The SF rogue admin Terry Childs installed a 'terminal server,' which appears to be a router, on the city's network, but investigators haven't been able to find or log into it"

"Childs has become increasingly hostile at work and defiant toward certain managers and has failed to comply with standard work procedure, as described above by the only system administrator situation"

"On the late afternoon of Friday 6-20-08, Security Manager J. Pieralde was conducting an audit inventory of equipment at the OMP Data Center. As she proceeded with her work, she was confronted by Childs and Childs began taking pictures of her, using his SF Owned cell phone. Pieralde became so concerned for her personal safety that she locked herself in a room and contacted Director R. Robinson by cell phone, informing him of (S) Childs' behavior .."

"Over the last months, Childs has refused and not authorized or allowed any other system administrators to the FiberWAN .."

"
"
"The Labor Relations representative, Mr. Leung, then informed Childs that because of his insubordination and his failure to answer questions by a superior of his insubordination and his failure to answer questions by a superior he was being suspended from his employment .."

" Childs' City owned work cell phone, pager, ID cards, and access cards were taken from him .."

"Approximatly, an hour later, a page was received on the pager and a check of messages revealed a message from one of the routers . .Security Director J. Pieralde .. highly suggests that Childs still had current system admin rights .."

"Mr. Maupin was also able to determine that Mr' Childs had, in fact, intentionally configured multiple Cicso network devices with a command that erases all configuration date in the event that someone tries to restore administrative access or tries to perform disaster recovery. This command was created for military applications that require deployment of network devices in areas that may have the possibility of hostile forces that could get physical access to network devices .."

Does anyone else apart from me think this is technologically nonsense

Re:what is actually claimed in the affivadit ..

[GameMaster]

The whole thing stinks, but you never know until we see all the facts.

The picture taking incident could have been him flying off the handle like they make it out to be, or it could have been him taking pictures as cya insurance because he was concerned she might mess up (EIther intentionally or unintentionally) some mission-critical systems. One would wonder why she called a director, and not 911, if she was actually concerned for her personal safety. That makes it sound like, to me anyway, some of the hyperbole they were talking about in the article.

The thing about the router paging his work pager sounds like nothing. I see nothing out of the ordinary for an admin to set up a router to page his work pager if it has problems. How does this, in any way, signify him still having access if he no longer has the pager? He either has the pager (and is thus allowed to contact the network as an employee) or the pager is confiscated from him when he is fired (removing his access to the network). There may be more to the story, but that statement means nothing on it's own.

Re:what is actually claimed in the affivadit ..

Not me. You should never try to remove any of the methods that allow for password recovery when you have physical access to the device if the device is kept in a secured location.

There is rational security, and then there is crazy. If someone has time and physical access, they should be able to recover the passwords. That is your last ditch method to recover access to an exploited device.

Re:what is actually claimed in the affivadit ..

[DavidTC]

You should never try to remove any of the methods that allow for password recovery when you have physical access to the device if the device is kept in a secured location.

Except, as various articles have pointed out, and the city has totally ignored, he only did this to devices that weren't physically secured.

It's a city-wide network. Half the devices on it are going to be routers sitting in the breakroom of the tax office or whatever. Of course he disabled the password recovery on those things.

Re:what is actually claimed in the affivadit ..

[DavidTC]

He says he a) didn't take any pictures of her, b) didn't know there was any sort of audit scheduled, and c) she was walking around with a hard drive.

So, basically, he asserts that he questioned a random person who showed up and started poking around his network and possibly stealing stuff. (It doesn't sound like it was one of his hard drives, but random, non-IT people walking around workplaces with hard drives are inherently suspicious. He's network admin, but that doesn't mean he didn't know who the IT staff were at his office and that she wasn't one of them.)

And, yeah, there's no indication that, even if her story is completely true and not exaggerated at all, that he committed any crime at all, so it's hard to see why they'd mention this except to taint public opinion.

Re:what is actually claimed in the affivadit ..

[GameMaster]

Actually, it sounds like he had plenty of reason to be suspicious in that case. Even if the hard drive was hers, it doesn't mean that she wasn't using it to steal confidential data from the system. This may not have even been a standard workplace. If this was a datacenter then that makes it even more suspicious. Just because a stranger walking around your datacenter tells you he/she is an auditor doesn't mean you just take their word for it, that's called social engineering. He might have, even, had a legitimate right to detain her as a "citizen's arrest" as it seems he had good reason to think she was a thief.

It does look like most of the things they are releasing are pure hype to win public opinion. With what you said, the first thing that pops to mind, as far as why she might have called the director rather than 911, was that she was trying to prove her story as an auditor to an admin who was, justifiably, refusing to let her leave without finding out what she was doing there. Detaining someone who may have been committing a crime doesn't represent a threat to her safety, but it does seem like the kind of way you could portray it if you wanted to smear his name.

It seems like he was one of the only people there

[Joe+The+Dragon]

It seems like he was one of the only people there who had a clue about how to run the network and he did not what to let the other people in the city mess up the network and have to work a lot of over time to fix it.

The thing was they where cutting back on people and he was the only one there who had any idea on how things where set up and the other people can make a big mess be messing with the network and they where the same people who installed viruses on a sever. And Terry Childs tried to set some security policy's and they did not seem to look at them.

He also set the network stuff to do a full reset if some tried to do the easy password reset on them or set them to trun off the easy reset forcing you to do a full reset to get back in to them a common high security setting that is used on some networks.

Re:Linux

He has an imagination, something you obviously don't have.

Anyway, he's obviously lying. If that were true then Mac users would flock to Linux in droves.

yet more 'facts' in the Childs case ..

[viralMeme]

"On Friday, June 20, there was an altercation between Childs and Jeana Pieralde, the new DTIS security manager at the 1 Market Street datacenter in San Francisco. Until her promotion, she had been a city network engineer who worked with Childs"

Why didn't anyone tell Childs of this promotion, and who got her the 'promotion'?

"Childs disputed this interpretation of events, claiming in court documents that Pieralde was conducting clandestine searches of DTIS employee workspaces and had removed a hard drive from an office when he confronted her. He also denied taking photos of Pieralde"

Were there or were there not photographs taken of Pieralde by Childs. Was Pieralde authorized to conduct such audits and where now is this 'SF Owned cell phone', and what exactly did Childs intend to do with these photographs.

"the city stated that Childs was placed under surveillance and was arrested on the evening of July 12 as he was parking his vehicle near his home in the suburb of Pittsburg. At the time of his arrest, he was found to have $10,000 cash on his person and receipts showing that he had traveled to Sparks, Nevada, where he had looked at renting storage units. Following his arrest, police searched his house and workspaces. Police turned up 9mm and .45 caliber bullets, but apparently no weapons"

Like, if he was under surveillance (and his cell/pager conficated), wouldn't they have noticed that he wasn't actually near a computer whern the pager went off ?

"Considering that normal bail for a murder case is $1 million -- one fifth of what Childs' bail was set at -- this filing was unexpected"

-------

"it is a mystery what exactly Jeana Pieralde was doing performing an unannounced, after-hours "security audit" in a City office other than that in which she herself worked. It was during that secret "security audit" on the evening of Friday, June 20th, 2008, in which Jeana Pieralde took a hard drive from another City employee's office and was photographed by Terry Childs as she did so"

"The office from which Pieralde removed the hard drive belonged to DTIS Security Officer Nancy Hastings (who naturally was not present in the office because the "security audit" was being conducted after hours.)" "Terry Childs had returned late to the offices (which do include his office and do not include Jeana Pieralde's office) at about 5:15 P.M. to find Jeana Pieralde (who does not work in those offices) taking a hard drive from one of Terry's co-workers offices. Terry photographed this act with the camera in his cellphone"

Did Pieralde really remove a harddrive. What was the name of this co-worker, where is this harddrive now. What motovated Pieralde to remove the harddrive. What's really going on here. Was Pieralde caught with her-in-th-cookie-jar, and someone decide to frame Childs to distract from something?

Re:yet more 'facts' in the Childs case ..

Did Pieralde really remove a harddrive. What was the name of this co-worker, where is this harddrive now. What motovated Pieralde to remove the harddrive. What's really going on here. Was Pieralde caught with her-in-th-cookie-jar, and someone decide to frame Childs to distract from something?

Don't forget to watch the next episode of ...

Re:yet more 'facts' in the Childs case ..

[viralMeme]

"Don't forget to watch the next episode of ..."

Well, it's not as if we have any real news or investigative reporting anymore, the news is told to us in the form of a movie trailer, hero vs bad-guy lots of quick-cuts and scary music in the background ..

We need to protest

[Orion+Blastar]

Make a National IT Walkout day.

#1 Change the root or administrative password and don't give it to any managers.

#2 Change the PIN number to enter the server room and don't give it to any managers.

#3 Shut down all servers in the server room before going home.

#4 Turn off all cell phones and pagers, and put your home phones off the hook.

#5 Let management go one day without an IT department and see what happens.

That'll teach them to nail innocent admins for things managers with admin or root access have done.

Re:We need to protest

[ServerIrv]

If you are trying to teach managers a lesson about what happens when admins are not around, why do you need to shut down all the servers in the server room before going home? The only need for the admin is to administer the computers: make changes as needed to keep the systems running smoothly and as per spec. Your list follows that except #3.

My guess is that most servers would be fine for one day (otherwise the admin is doing a horrible job), but the thing that management couldn't handle is that there would be no one to hold their hand while figuring out how to make a horrid looking template for Outlook.

Re:We need to protest

[professorguy]

That'll teach them to nail innocent admins for things managers with admin or root access have done

I'm pretty sure all that'll teach them is that you're too hotheaded to have any real responsibility.

.

Instead, do the exact opposite:

#1 Make sure all the equipment is in perfect working order.

#2 Give competent co-workers all the information they need to do your job.

#3 Then take a week off to hold a sign up outside the SF courthouse.

And don't expect me to take down my hospital for ANY reason.

Re:We need to protest

[Orion+Blastar]

Nah my way is better, they'll be forced to do everything with pen and paper. It will be good for them. The Amish call that idleness which is a sin one should be shunned for by the community. :)

"And don't expect me to take down my hospital for ANY reason."

Yes sir, Dr. Gregory House, MD, sir!

Re:We need to protest

[Orion+Blastar]

Yeah I guess you are right, leave everything running and let the managers try and figure it out.

"Gee I wonder what FDISK does?" down goes the file server.

I recall managers from my former jobs used to get their workstations infected with worms that sent out infected email to everyone on their Outlook address book. I knew something was up when the Vice President of IS sent me 24 messages all with the subject "I Love You!" on them. :)

what really happened ..

[viralMeme]

No one bothers to tell Childs that former co-worker, Jeana Pieralde gets promoted to Chief Information Security Officer, despite no role actually existing up to then. She then sneeks back in after hours and is caught remoiving a harddrive. Childs photographs her and next think in in the clink on $5,000,000 bail. If was only retrospectively that the City realized that this 'rogue' administrator had been recalcitrant "Over the last months" ..

Plural?

Infoworld has also conducted an interview with Childs

Shouldn't that be "children"?

Book smarts versus street smarts

He is certainly book smart but many many technically inclined street smart people will not touch such jobs with a ten foot pole specifically for reasons like this.

By Law? Sources?

[hellfire]

What law says "you must hand out a password to your boss when he requests it or you will be prosecuted as a felon"?

The lawyer in the referenced articles has stated "The response to suspend him was arguably legal. The response to prosecute him is not." That means, if you don't give up a password, you can be suspended or fired, as you could be in any job, but that doesn't mean you can be prosecuted. If you use those passwords for nefarious means after you are fired, then yes you can, but so far the articles don't point to anything Child's did. There have been some wild claims, but InfoWorld has a special report page with articles that seem to call into question the accusations that are being leveled at Childs.

He's not required to presume innocence

[Sycraft-fu]

Courts are. Seems many people on Slashdot misunderstand the whole "Guilty until proven innocent," thing. What that is, is a simple way of stating how burden of proof works in our court system. In US courts, the defense isn't required to prove anything. The defense can present no case at all and the defendant can still go free. The reason is they have no burden. The burden of proof is on the state, the prosecution. They have to prove that the defendant is guilty. So they can't just walk in and say "We accuse the defendant of doing X," and leave it at that. They have to present evidence to prove their case. Thus by design a defendant in court is presumed innocent. Proof of guilt must be offered because a not guilty verdict the the default in absence of proof.

That's all it means. It is just a simple way of summing up our court system. It is NOT a command to the population at large. Individuals are free to believe what they wish, and use whatever standard for evidence they wish. People aren't required to view everyone as innocent until proven guilty in a court of law. They are welcome o hold opinions as they see fit.

So please, but the crap with this. If you think the guy is innocent, or wish to reserve judgment until later, that's wonderful. If others don't, that's also fine.

Re:He's not required to presume innocence

You're forgetting the 'Court of Public Opinion'. Which, depending on who has been arrested and what they are accused of, might hold worse scrutiny there, than in the Court of Justice.

I'm not saying that is the case here, but we're on the outside looking in, remember. Unless you are Childs, or one of his PFY's, we'll never have an accurate portrayal of the position Childs was in.

Re:He's not required to presume innocence

[Korin43]

You're missing the point. Why does the court have to assume that people are innocent until proven otherwise? Because it makes sense. If the police arrest someone, you should wait until they actual present their case to decide if the person is guilty. Sure, there's no legal requirement for you give people a chance to defend themselves, but if you don't, you're still a douchebag.

Re:He's not required to presume innocence

[DancesWithBlowTorch]

That's all it means. It is just a simple way of summing up our court system. It is NOT a command to the population at large.

You are painting a pretty bleak picture of this society. Of course everyone is free to believe whatever they want. But in a civilised society, under the rule of law, we like to let the law rule. That includes giving every man a chance to state their cause in court before judging them. That is indeed a "command to the population at large", although a moral one, not a legislative one.

Re:He's not required to presume innocence

[Idiomatick]

But... courts work that way because it makes logical sense...

Re:He's not required to presume innocence

[mattwarden]

Parent believes everyone should presume innocence until it is proven otherwise. For you to say he can't believe that because everyone is entitled to their opinion is a bit hypocritical.

Re:He's not required to presume innocence

[AK+Marc]

You're missing the point. Why does the court have to assume that people are innocent until proven otherwise? Because it makes sense.

It only makes sense because it's what you believe.

If the police arrest someone, you should wait until they actual present their case to decide if the person is guilty.

The cops presumed them guilty, or they wouldn't have arrested them. So you are already working under a broken premise. Also, court findings are not fact. They either did or did not do what they are accused of. If they did it, that was either against the law or not against the law. Courts find whether the prosecution proved, beyond a reasonable doubt, that the accused did what they are accused of and that it is a violation of the law the prosecutors assert. If they are found to have performed the act, but it wasn't against the law, then they would have been found "guilty" of performing the act, but not guilty of the crime. And even if they found not guilty, that doesn't mean they didn't do it, but that it wasn't proven that they did it.

How about O.J. Simpson? Let's say that he did it. He wasn't found guilty. But that doesn't mean he isn't guilty of committing the crime, just that his guilt couldn't be proven in court. Whether he performed the act or not is *never* changed by the finding of the court. Thus the court isn't a useful gauge of the guilt of someone. It may be highly correlated with guilt, but it never determines it in fact.

Sure, there's no legal requirement for you give people a chance to defend themselves, but if you don't, you're still a douchebag.

Courts are charged with keeping innocent people out of jail. As such, they have a high standard for findings. Civil cases and most people's minds work on a different scale. You just determine which was more likely and that's the answer. It's more likely than not that O.J. Simpson killed. He had a ruling against him in civil court with the reduced standard. So does that mean he killed? Well, he was found not guilty in a court with a higher standard. I'd guess that most people think he did kill. The courts determined he was "responsible." But there wasn't enough to "prove" that he did it.

That's the way it is supposed to work. Everyone thinks you are guilty, but you aren't in jail because they couldn't prove it. If it can't be proven, then you shouldn't spend time in jail. If it is most likely, then there's no reason people shouldn't think you did it. "Presumed Innocent" is a legal standard used in order to give a fair trial. "Presumed Guilty" would have the accused always denied bail, show up in court in prison clothes, and reduce the standard of proof needed to convict. We don't want that, so in court (and only in court) the accused is "presumed innocent." That legal stance is not used anywhere else. Not by the police, and certainly not by the population as a whole.

Re:He's not required to presume innocence

[vertinox]

That's all it means. It is just a simple way of summing up our court system. It is NOT a command to the population at large. Individuals are free to believe what they wish, and use whatever standard for evidence they wish. People aren't required to view everyone as innocent until proven guilty in a court of law. They are welcome o hold opinions as they see fit.

When juries are composed by individuals of the population at large, I would hope they will take the "innocent until proven guilty" into consideration if I have to sit on the receiving end of their decision.

I know the judge does instruct juries to keep this in mind (I've had to go to Jury duty like everyone else), but if the general population has already made up their mind about someone before sitting in on the jury then that is a bad habit for the general population to have.

If you are ever accused of a crime you did not commit, then I suspect you too hope the population at large does not simply make up its mind about you before your case is presented.

Re:He's not required to presume innocence

[AK+Marc]

But in a civilised society, under the rule of law, we like to let the law rule.

The law doesn't determine right and wrong. It may reflect it, but it isn't the moral compass.

That includes giving every man a chance to state their cause in court before judging them.

Why? Courts have standards. If someone is guilty. They admit their guilt. They are found with the body. There is a videotape of them stabbing them. There are 1000 witnesses, including the President, the Prime Minister and the Pope. And yet, someone could be found "not guilty." Would you say that the "not guilty" verdict means they didn't do it? That has to be your stance, or else the law is meaningless. I can believe them to be guilty even if the findings are the opposite. That's called freedom. Freedom of thought is more important than the law. I'm free to judge. That I don't judge on your schedule doesn't mean I'm wrong, it means I'm different than you. Differences happen, and shouldn't be bashed just because it isn't what you'd do.

That is indeed a "command to the population at large", although a moral one, not a legislative one.

It was never meant to be. It's a standard to preserve the rights of the accused while in the courtroom and *only* in the courtroom. The police don't assume someone is innocent, or else they'd never arrest them. The papers don't actually believe innocence or they'd refer to every story about someone charged with something as the "wrongfully accused" rather than just "accused." No, they presume guilt and pretend fairness, just like everyone else on the planet but you. I hear "they wouldn't have arrested him if he didn't do something" much more than "those police never get the right person."

Re:He's not required to presume innocence

So please, but the crap with this.

WTF does *that* mean?

Re:He's not required to presume innocence

[mangu]

Why does the court have to assume that people are innocent until proven otherwise?

Because it's the state against an individual. "Innocent until proven guilty" is a way to try to rebalance a situation that's rather unsymmetrical: a state organization with enormous means at its disposition is accusing one person. When the state investigates, they can put thousands of officers at the job. They have the power to go anywhere, interrogate anybody, investigate everything.

The accused is alone. No matter how rich he is, he runs the risk of going bankrupt if he tries to match the state in its investigations. And he could go to jail if found guilty. Therefore, it's only fair to give the defendant the benefit of doubt in court.

It's a different situation when it's a citizen against another. I have the right to form an opinion on whether someone is guilty or not without giving him all the leeway a court needs to give, and I have the right to tell my opinion to anybody who will listen. It's not as if my opinion could send anybody to jail.

Re:He's not required to presume innocence

[DancesWithBlowTorch]

You don't seem to have read my post.

To my claim that in dubio pro reo is a moral imperative to the general public you reply

It was never meant to be.

Which implies that there is some moral authority who gets to decide what a particular moral concept is "meant to be". On the other hand, you write

I can believe them to be guilty even if the findings are the opposite. That's called freedom. Freedom of thought is more important than the law. I'm free to judge. That I don't judge on your schedule doesn't mean I'm wrong, it means I'm different than you. Differences happen, and shouldn't be bashed just because it isn't what you'd do.

which claims the exact opposite: That there be no moral authority whatsoever.

Let me make my point clearer, since you seem to have missed it: Assuming someone's innocence until they are found guilty is a moral imperative, more so than a legislative one. It is founded on the categorical imperative: A society without this rule is a community of witch-hunters, where everyone can accuse anyone of everything. We don't want to be accused without a chance to defend ourselves, therefore we should not accusse others without a fair trial.

This has nothing to do with your personal freedom to think whatever you please about your neighbour. Instead, it is about your personal right to defend yourself, and be defended from prejudice. You cannot claim this right for yourself while simultaneously claiming a right to spread prejudice about others.

Re:He's not required to presume innocence

[arekusu_ou]

Wow sounds like you're against presumption of innocence (outside of court). Lets hope you're never falsely arrested or framed for child porn. Get off. And have everyone believe you were guilty and only got off because of a technicality, ruining your life for something you didn't even do. And then make a Lifetime movie out of it.

Personally with Childs. Isn't it just as likely, the city screwed up with their procedure, and looking for someone to blame?

If I was suddenly and viciously laid off from my company without a good reason, I'll likely walk away and not offer additional help. All the network passwords with us are in encrypted password protected files on their flashdrives in one of their desks but like most bosses, they probably forgot about the password, then they're SOL. I might even mess with them by telling them the wrong password to the file and laughing after. Doesn't mean I did anything wrong before or after I was fired, just being uncooperative after I was fired.

I'm not saying that Childs doesn't have an axe to grind, but to assume he's guilty of maliciously screwing with what he was hired to maintain on circumstantial evidence is weak and unfair.

Re:He's not required to presume innocence

[AK+Marc]

Which implies that there is some moral authority who gets to decide what a particular moral concept is "meant to be".

I'm sorry, I thought we were talking about "presumed innocent." That's a legal concept, not a moral one. I treated it as such, and you became quite confused. I guess because you think it is one, and are complaining that I'm not treating the legal concept as a moral one.

which claims the exact opposite: That there be no moral authority whatsoever.

Yes. That's it. There is no "moral authority" in legal concepts. You seem to understand my points quite clearly, but your response is "my opinion differs from yours, so you are wrong."

Instead, it is about your personal right to defend yourself, and be defended from prejudice.

Prejudice is a good thing. It's a great thing. It's necessary for functioning. I'm prejudiced in that I think bankers are more likely to commit embezzlement than cartoonists. It is based in fact, because bankers have greater opportunity and because they are actually convicted more. But if I run across a cartoonist and a banker in a room, I can quietly say to myself "if one of those two is embezzling, my money is on the banker." And I'm prejudiced because of that. If I see someone stumbling while walking and talking with slurred speach, I suspect they are drunk. Sure, they could also be suffering a stroke, but I'm prejudiced into thinking that stumbling/sluring people are drunk. Prejudice is something that is a great and necessary thing. If we evaluated every situation we were in 100% before acting, we'd never get out of bed. Instead, we operate off probabilities, and give it our best shot. Whether it's dealing with traffic, coworkers, news stories about people that may have committed crimes, or whatever. We make our best guess and move on. If more information comes along later, we will evaluate it, but we make decisions before we have 100% knowledge. It's called being human. You should try it sometime.

Re:He's not required to presume innocence

[AK+Marc]

Wow sounds like you're against presumption of innocence (outside of court). Lets hope you're never falsely arrested or framed for child porn. Get off. And have everyone believe you were guilty and only got off because of a technicality, ruining your life for something you didn't even do. And then make a Lifetime movie out of it.

That happens whether I believe in presumption of innocence or not. So why is my personal belief in that an issue?

I'm not saying that Childs doesn't have an axe to grind, but to assume he's guilty of maliciously screwing with what he was hired to maintain on circumstantial evidence is weak and unfair.

Non sequitur. I'm talking about the presumption of innocence. It's a legal instruction, not a moral imperative. I think Childs is not guilty of any crime. He's not been accused of any crime that he had the opportunity to commit. There is no assertion that he accessed the network without permission, nor that he took any action that degraded its performance. The worst thing he did was to say "no" to a former employer. But for Hans Reiser, I thought he was guilty the first time I heard anyting about the case. His statements and actions were aligned with that of a guilty person. There was evidence pointing to him, and little pointing elsewhere. I said so on here multiple times, and people responded with the "you have to presume him innocent." Hell no. He most likely did it, so I can voice my opinion that he's the most likely to have committed the murder (and that it was murder, since she was just "missing" at the time). I don't have to presume innocence. I get to take in all the information available and make a logical determination. It's most likely that Hans did commit murder. The same is true of how I evaluated OJ. He most likely did it. They weren't able to get a guilty verdict like they did with Hans, but I have less than a reasonable doubt that O.J. Simpson committed murder. It doesn't matter that all the information for both OJ and Hans was circumstantial.

Most cases have almost all the evidence being circumstantial, and circumstantial evidence is more reliable than things like eye witness identification of strangers. Finding the body under your house with your bloody fingerprints all over it, the gun, registered in your name, next to the body with a note that says "I did it" with a photo of you and bloody footprints from the body to the shoes that are on your feet as you sit on the couch typing on Slashdot when the police bust in your door. Oh, and you have gunshot residue on your hands. And you told someone yesterday you were going to kill her that night, with a gun, while wearing your favorite Nikes and leave a picture of you next to her with a note that you did it. And that's all still "just circumstantial." Would you think that person innocent? Or might you think they probably did it?

Re:He's not required to presume innocence

[rtb61]

Well in the case he most likely is guilty, of being a bit of a control freak. After having read the complaint, it seems much more like he over stepped his bounds and certainly did not display the best attributes of a system administrator and became far to bound in achieving perfection on 'his' network (in terms of ownership of effort) and became paranoid about it, it would seem from the interview that his psychological state has stabilised since he is no longer up pressure to maintain security of the system and responsibility that he obviously took far to seriously (life or death) and became paranoid about it.

So definitely a breakdown in communications and personality clashes as a result but hardly a criminal offence or even criminal intent. At the very least a temporary mental aberration and paranoid behaviour as a result of attempting to maintain network security is a reasonable defence. One needs to develop a sense of humour when it comes to network admin, one thing I did to relieve the stresses was to print out a large format copy of the Windows EULA and put it on the wall next to my desk. What you expect me to keep this network running, just look at the warranty put out by the manufacturer of the operating system you are using, it is a miracle I can get it to work at all ;D.

Pretty much

[Sycraft-fu]

People always need to remember you don't own the stuff at work, the company does. Thus it isn't up to you to decide what goes on with it, it is the company's. That means if they wish to make a bad decision, they can. If the owner decides that the root password should be "password" and further that it should be posted on the wall, well that's his decision. You can and should tell him why that's a bad idea but if he says "I don't care, do it," then it over. You can't tell him no, because it isn't your stuff, it's his stuff. You can, of course, quit (and I probably would in that situation), but you can't just refuse and say "It's for your own good."

Now in the scheme of a large company where you don't deal directly with the owner, it is still the same thing. Whoever their designated representative is, makes the decisions. So if you are given a stupid order you tell your boss it's a bad idea. He says do it anyways you go up to whatever level is appropriate (IT supervisor maybe, CEO maybe) and make your concerns known, but you do your job. If they want to be dumb, they can be dumb. Not your place to tell them they can't, and indeed it can be illegal.

Re:Pretty much

[Vancorps]

Where do people get this impression that the company owns everything you do?

This is simply not true by default in the U.S. legal system. It properly does vary a bit from state to state but for the most part things like email are owned by the employee unless specifically stated and agreed upon before employment began.

When you're in IT some things get gray real fast. For instance, my title is network engineer. I write a lot of my own scripts to automate tasks. That code is mine because the company isn't paying me to write code. Our programmer is of course under different restrictions based on who's equipment he's using. Of course it's further grayed by the fact that we both often use our own equipment on company time because it suits a particular need at the time. The issue is quite muddy then on who's is what as far as coding goes.

Things like root passwords should be locked in some sort of safe somewhere in case of emergency but personal passwords should never be stored for any reason and they can't require you to give it up although they can certainly change it anyway and impersonate you despite not giving up passwords. In the end its all about principle.

I half agree with you and half disagree. If a non-technical executive is giving you technical orders then disregarding is often the best policy. The owner of my current company wanted full admin access to all the files on the network. I knew this was inherently dangerous as he in the past has accidentally deleted over 200gigs of content while his computer wasn't behaving at home. Instead I built him a file-server and copied all the data over to it and gave him full access to that so he can't harm production.

There are situations where you do have to give in but in most situations I've ever been in at least standing your ground does a lot more to change things than just bending over and letting an idiot decide password should be the root password.

Re:Pretty much

[The+Notorious+ASP]

Except in a public company, the final word isn't work the IT supervisor (or even CEO) - it's with the shareholders.

The correct answer (and what I have done in the past) is to call internal audit and run it past them. When it bubbles up that not having controls around powerful accounts is going to show up as an exception on your SEC filing the tune will change.

It is everyone's responsibility, network admin up to CEO, to protect the stakeholders.

Re:Pretty much

[multiOSfreak]

Well said, Sycraft.

I run into the same situation at my job. Some people just refuse to accept that no matter how dedicated they are to their job, at the end of the day, what the CEO says is what must get done. Even if it's stupid, it still must get done. Try reasoning with management, if you must/dare, but do what it is they ask regardless of how idiotic it might seem at the time.

If you want to call all the shots at work, start your own business. Otherwise, do what the check-signers say (unless it's patently illegal).

Re:Pretty much

[mrchaotica]

If the owner decides that the root password should be "password" and further that it should be posted on the wall, well that's his decision. You can and should tell him why that's a bad idea but if he says "I don't care, do it," then it over. You can't tell him no, because it isn't your stuff, it's his stuff. You can, of course, quit (and I probably would in that situation), but you can't just refuse and say "It's for your own good."

You know, this is exactly why professions other than IT have professional licensing. For example, a civil engineer could refuse his boss's request to design an unsafe structure. In fact, he's obligated to refuse, because to do otherwise would get him kicked out of the ASCE and sued. Ditto with doctors and lawyers.

Now, why doesn't IT have something equivalent to this??

Re:Pretty much

[sudotron]

While in a private company you may be obligated to do what your supervisor tells you, even if it is incredibly stupid, this is a somewhat different situation, being a public government. The true facts of the case aside, it would be nice if more public employees felt some sort of responsibility to the people that pay their salaries.

Re:Pretty much

[AK+Marc]

Thus it isn't up to you to decide what goes on with it, it is the company's.

But what if, say, your manager makes a decision that's bad for the company? If your responsibility is to the company, then you shouldn't do what your manager says. You should do what "the company" wants. "The company" isn't any one man. It isn't even the CEO or the chairman of the board. It's the creature that consists of all stakeholders.

Now in the scheme of a large company where you don't deal directly with the owner, it is still the same thing. Whoever their designated representative is, makes the decisions.

He worked for the people. I'm sure he decided that informed people would agree with him, and not his boss, so he did what he thought was best. The "shareholders" of the Government of San Francisco would have wanted it that way.

Re:Pretty much

[riegel]

Now in the scheme of a large company where you don't deal directly with the owner, it is still the same thing.

Possibly. Not sure I agree on this point. Regardless this is not a large company this is a governmental entity. If President Obama wanted the password to a router in my hometown and one for which I controlled then he would not get it unless it was an executive order. Not sure anything like this happened in this case

Re:Pretty much

[Arterion]

It comes back to this: If you give out the passwords, or perform some task, who is going to take the fall for it.

If it's you, then you're in a lose-lose situation, and there needs to be some kind of protection for situations like that. I don't know that this is one of those situations, but I can see that, had he given up the passwords, they likely would have been coming after him when they admin accounts were misused and problems ensued.

I make it very clear at my work that if they do something I tell them is stupid, and it fucks up, don't come crying to me to fix it after hours or before the next business day. I'll work on it at a normal pace on my normal shifts, but I'm not coming in after hours to fix something they made me break unless they're going to pay me consultant rates to do so.

Re:Pretty much

[Sycraft-fu]

Sorry, but if you wrote those scripts on company time on company hardware, the scripts belong to them. It was a work for hire.

Now suppose you write the scripts on your own time, at home. Ok then the script is yours. However if you go and give it to the company to use, that copy is theirs. As per copyright law they can't go and distribute it and sell it and such, but they get to keep it unless you had another agreement in place before hand. You can't give them the script and then take it away later just because you feel like it.

However none of this matters as it relates to access to systems they own. The company DOES own all systems they purchased. Doesn't matter how much you like the system, how much you use it, it belongs to them. Thus who gets access and how is up to them. They can decide to make you the only person with the passwords, they can decide everyone in the world gets the passwords. They can do the right thing, or the wrong thing, it isn't up to you.

You can, of course, advise them, try and offer alternatives, explain why their way of doing it isn't the best, but you DO NOT have the right to lock them out of their own systems, even if you believe it is for their own good. When they want the password, you have to give it to them. You are welcome to quit if you think it is a really bad idea, but you can't refuse to hand it over if that is what they finally demand.

Re:Pretty much

[Mista2]

Where I work, I am employed by a company that is contracted to run all the IT services for a government organisation. On our campus a re multiple parties, all with their own equipment, some of it not under our control.
None of the senior management at the client have admin access, they are all just normal users with the permissions to do their jobs, however in our team, there are several people who do have admin access, and where possible, we use individual accounts and even we don't know the "Admin" password.
However switches and routers are a bit special, they have a terminal password to allow remote access or through a local serial connection, and an "enable" password to give root access. Until now we have had common telnet/ssh passwords and common enable passwords, and these stored in a safe place. Only recently have we implemented an additional step where the enable password will now be our RSA tokens. Anyone placed in the right group will be able to administer a switch.
Critical systems are monitored for tampering so we will be alerted if a config changes to allow simple password auth.

In this case it just seems like incompetence on many level where one person had all of the keys, and that was it.

Hello from Texas

[jeko]

It also stems from the fact that we don't lock up innocent people in the western world.

Thanks. I just sprayed coffee all over my keyboard. Let me try this in a dialect you might understand.

Son, not only do we lock up innocent people here in the US but, Hell, in Texas we've condemned men to die when their defense attorney didn't even show up in one case, or showed up too drunk to stand straight in another. Up there in Yankeeland, they just caught a judge getting commissions from the prison for sending kids to jail.

Pound for pound, we lock up more people than the Russkies and the Chicoms COMBINED ever did. What, you think they're all guilty? You think Americans are just that much more sinful than all them godless heathens combined?

Re:Hello from Texas

[tnk1]

Pound for pound, we lock up more people than the Russkies and the Chicoms COMBINED ever did.

Correct. The Soviets and the Chinese did not, until recently, waste time locking up people like this. They shot them.

Re:Hello from Texas

[Eil]

Pound for pound, we lock up more people than the Russkies and the Chicoms COMBINED ever did. What, you think they're all guilty?

"Pipe down, we have a business to run here." --Corrections industry

Re:Hello from Texas

[element-o.p.]

I think Inda omitted the "/s" tag. I didn't think it was necessary, but I could be wrong...

Re:Hello from Texas

You forgot the /slimpickens tags on that!

Re:Hello from Texas

That's because the Russians and the Chinese make people disappear instead of locking them up. It certainly is a lot cheaper.

Re:Hello from Texas

Er, woosh.

I hope.

Re:Hello from Texas

"You think Americans are just that much more sinful than all them godless heathens combined?"

Yes, obviously.

Well let's take a physical analogy

[Sycraft-fu]

Suppose you hire me to secure your valuables for you. You have a locked storage unit, and it is my job to keep they key and only let you and those you say are ok in. I do a good job keeping the place secure. However, at some point you change your mind. You don't want me to be the sole keeper of the keys. You want to have the keys yourself, and make a few copies for trusted friends. So you tell me "Give me the keys, I need to make a few copies." I tell you "No, it isn't secure for you to have the keys, I'll keep the only set."

This sound ok to you? You ok with me deciding that I get to be the sole arbiter of who gets at your stuff?

Well this is a very similar situation. As a network admin, the computers and networks at the company don't belong to you, they belong to your employer. Thus your employer gets to decide what to do with them. That can include making bad decisions. While you certainly should let them know if they are bad decisions, you don't get to tell them "No you can't do that." You can say "No I'm not going to do that, find someone else," and quit, but you can't simply refuse their request and try to prevent them from doing it. It isn't your stuff, you don't get to make the choice.

Re:Well let's take a physical analogy

[Todd+Knarr]

That depends. Are you still holding me solely responsible for keeping the unit secure, and responsible for anything that happens to the contents? If you are, then no you aren't going to get the keys to make copies to hand out. The only way you get the keys to give to other people outside my control is if you no longer wish me to be responsible for the unit, at which point you get all the keys and all responsibility and I no longer have any access. And you'll sign a paper saying you've accepted the keys and checked them and all copies you gave me are present and accounted for.

No, this isn't a theoretical situation. It's my SOP for turning in keys, access cards and the like when I leave an employer. I follow a similar procedure for passwords: if access hasn't already been disabled, a responsible party (manager or HR rep) will be present as I reset the passwords on my accounts and they will select and enter a new password which I will not know. Either way, there's also a piece of paper listing every account and they'll indicate on it how access was disabled and sign it certifying I no longer have access to those accounts. That all insures I have solid documentation of when my access ended if anything happens after I've left. Part of being a professional is not being made a convenient scapegoat.

NB: there's generally at least one account on my list that the company had forgotten they'd given me access to, leading to inevitable drama and my pulling out the e-mail documenting when they gave me the access.

Re:Well let's take a physical analogy

[weiserfireman]

add in that not only did they hire you to control access to the storage unit, but they asked you to make a key.

Now really complicate the situation, people had access. People walked in and out all day every day. The information they wanted was always available.

Then one day they noticed that while they had access to the light switch, you had locked the circuit breaker panel. To improve security, you had designed some guarded panels that would seal the room from anyone gaining access for any reason, and the controls for those panels were in the circuit breaker panel that you had the keys for.

Without asking for training, firing me, or any other normal action, an employee of yours asked me for copies of keys to the circuit breaker panel. Oh, not just for me, but for these 7 or 8 random people in this room, but some random people at the other end of the phone too.

It gets more complicated.

Re:Well let's take a physical analogy

[AK+Marc]

As others have pointed out, the manager's request was illegal. The manager was requesting that the employee provide passwords to people that weren't "authorized" and that is as illegal as if he gave the passwords out to his friends or 4chan. Also, the employee was being asked to provide keys to people that don't know how to work locks, doors, and if they were to use them would have a high probablity of damaging them, yet the employee was still solely responsible for any damage that may happen. His response was essentially "I can't do my job if you require that, so I won't comply." So the city said "You're fired, oh, and since we own the police and courts, we'll toss you in jail and even if you are innocent, you'll spend a year or more in jail because we don't like anyone that acts with ethics."

Misuse of a jail cell

[axehind]

I can understand him being in trouble, but to keep him in jail?
He isnt a threat to society. This is why our jails are overcrowded.....

Re:Press Interviews while incarcerated

[hamburgler007]

No lawyer worth his salt would advise his client to give an interview like this pretrial. For whatever is motivating him, he probably did it against all legal advise. With that said, I don't believe Childs at all. It just doesn't make much sense, and it seems much more likely he is trying to cover illegal activity.

Free Him

[TheNinjaroach]

Free Terry Childs.

Re:Free Him

[The_Other_Kelly]

I mentioned earlier that I am starting to think that I would salute Mr Childs.

Well, I just read the DA's complaint, the arrest report and the bail denial.

And now I *definitely* want to shake his hand.

He's taken the Hard Road.

Free Him!

Start the perjury investigations into the 2 managers involved.

Free Terry Childs!

Re:Free Him

[Duhavid]

Someone needs to write a catchy song about it....

sliding scale traffic tickets

[loshwomp]

I've heard that in some countries, traffic fines are proportional to one's income. I wish we'd institute that system here.

Re:sliding scale traffic tickets

[NFN_NLN]

I've heard that in some countries, traffic fines are proportional to one's income. I wish we'd institute that system here.

Great instead of "Bum Wars" videos we'll be flooded by "Bum Races".

Synopsis: Homeless people are given the keys to beater cars while independent film-makers document their struggle.
- The first rule of Bum Races, there are no rules.
- The second rule of Bum Races, the first one to make it to McDonald's get a free Happy Meal.

Re:sliding scale traffic tickets

[darthnoodles]

How about a $71,400 speeding ticket in Finland? http://www.stayfreemagazine.org/public/wsj_finland.html

meanwhile, back in the real world...

[mkcmkc]

In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . .

A little research will uncover the answer. Say the police break down your door one early morning, shoot your dog, and cuff you and your family. They have an informant that says you're involved in the meth trade. They take it to the DA, who can see it's bullshit, but DA's are measured in pleas and convictions, so he offers you a plea. You can cop to some minor class-D felony and three months in county. Or you can take it to court and put yourself at the mercy of 12 random citizens and/or a judge. Win or lose, you're out your job, your house, quite possibly your spouse, and your life savings. (Not to mention other details not suitable for this family publication.)

If you've got any sense at all, you take the plea. Why? Maybe "because you're guilty...".

That's how the presumption of innocence really works.

Re:meanwhile, back in the real world...

[Rich0]

Yup. Look on the PBS Frontline website for their recent episode on Plea Bargains (you can watch it online). It is a real eye-opener.

One woman was clearly falsely accused but was convicted. It became fairly obvious that she was falsely confused, and so the DA offered her a plea bargain for time served if she pled guilty (one of those cases of the DA being more concerned with a win/loss record than justice). Due to her religious convictions she did not want to plea guilty since she would have to lie and confess to a crime she did not commit. She lost her appeals and is still in prison for a crime she professes she did not commit, and she could have been free today if she only confessed to it. What motive could she possibly have for not confessing, other than a desire to be honest? And yet as a society we both punish her and bear the expense of imprisoning her.

Plea bargains are a the natural result of barter between somebody with everything to lose and somebody with nothing to lose. Threaten an innocent person with 30 years in prison and they have tremendous incentive to accept a year or two of punishment for a crime they didn't commit. Sure, in some cases I think that plea bargains are a good concept, but they're being wielded in a fundamentally unfair way. It should be the goal of the DA to seek justice, not convictions.

Re:meanwhile, back in the real world...

[rantingkitten]

For the day to day legal BS average people are likely to encounter the situation is just as bad. I doubt the police are going to break down my door and accuse me of running a meth lab, but let's look at something as common as traffic violations.

Your court date will roll around and you'll plead not guilty. A trial date will be set, meaning you'll have to schedule your life around that, and try to get a lawyer to help. The average person isn't expected to fully understand the law, because it's so nuanced and convoluted, which is why defense attorneys with years of specialized training exist. The average person is expected to fully abide by the law he doesn't understand, though, which may suggest a problem with the system, but nobody will question it during this process.

On your trial date you'll speak to some self-important prosecutor or solicitor who acts on behalf of the government. He'll treat your minor case like it's the crime of the century. Depending on your demeanor he may offer a deal of some sort, which usually entails you pleading guilty to a somewhat lessor offense. What he probably won't tell you is that if you reject this offer, and make him go through the hassle of an actual trial, he'll push for the maximum possible punishment the law allows, regardless of any circumstances up to that point, because he doesn't want to do more work.

This is justice in America.

If you take his deal, you've just pleaded guilty to an offense you may not have even committed, and is probably something so stupid no one should care even if you did do it, but you're intimidated into the plea by his legal jargon and the fact that, as an average Joe, you don't have the time, money, or resources devoted to fighting it. You'll pay a few hundred dollars in fines and be on your way, with an arrest record, a criminal history, and completely out the hundreds you spent for the bond, the fine, the impound, the attorney, and anything else. The state will pat itself on the back for a job well done for cleaning up the mean streets of dangerous scum like you.

If you don't take his deal you'll be put on trial. For minor offenses you may not even get a jury of twelve average Joes who will sympathize with you; the state has found a loophole and called this an "administrative matter", meaning you'll get tried by a judge, who will claim to be impartial but is on the state's payroll and has a vested interest in making sure things turn out in the state's favor, not to mention his clouded view of every person who appears before him as a criminal.

The judge will ignore everything you say, and your attorney will be mostly powerless since the time for deal-making is over and all he can do is try to object to the prosection's evidence. There will be little evidence to which he can object, though, since for most minor offenses there aren't any significant witnesses or material bits of evidence. Nothing but the policeman's word and charge on the books, often, and this will be taken as wholly sufficient to pronounce you guilty, whereupon you'll pay a huge fine, face possible jail time, and be in worse shape than you had you just meekly submitted instead of trying to assert your right as an American to a fair and impartial trial.

If you're very lucky, you may win your case and be pronounced "not guilty". You spent time in jail, have an arrest record, paid a pretty penny to bondsmen and lawyers and impound lots, had to take time off work, stressed the hell out of yourself dealing with this. Thousands of dollars later the state will send you on your way without so much as a "sorry about the trouble".

This is justice in America.

Create thousands upon thousands of arbitrary, meaningless laws which serve no public good, which citizens can't keep track of or reasonably comprehend, then leap out from behind the bushes to scream "GOTCHA!" when they may break one, rubbing your hands with glee that you can extract more money from the citizens. Punish them for daring to question the authority of the state. That's justice in America, and when you create laws just for the purpose of turning otherwise normal people into criminals, you cause them to lose all respect for the law.

I did, long ago.

Re:meanwhile, back in the real world...

Not at all.
 
What they really say is,"If you don't plead guilty to this, this, and this, we will charge your wife as an accessory and remove your children into the state custody." I watched a guy plead guilty to about thirty crimes he had never committed to protect his girlfriend once. Most of those charges the police just wanted off their books.

I'd have RTFA

[edraven]

If I could C TFA...

We are guilty. That's the REAL problem.

[professorguy]

What, you think they're all guilty? You think Americans are just that much more sinful?

Yes, Americans ARE more guilty. That's due, of course, to having enough laws on the books to guarantee you are always guilty of SOME crime. How many laws do we have? Just enough so you can reasonably be charged AT ANY TIME.

If others don't think the guy is innocent...

... they are just stupid morons, as they certainly have _exactly_ the same amount of information as I have: a few news articles. Hardly enough to form an opinion. As I said. Stupid morons.

Re:If others don't think the guy is innocent...

[Toonol]

No, they're morons if they're positive he's guilty. Thinking he's guilty is a reasonable conclusion based on what evidence they've seen... so long as they remain open to revising they're view as more is learned.

People aren't courts of law, and we would not be able to function if we were held to legal standards of proof in all our beliefs and decisions.

Re:If others don't think the guy is innocent...

Thinking he's guilty is a reasonable conclusion based on what evidence they've seen... so long as they remain open to revising they're view as more is learned.

That is a pretty peculiar application of the word "reasonable".

The reasonable thing here actually is to admit that you do not know.

I know, it is mind-boggling, a human being is entitled to admit that he does not know something. Instead of jumping to conclusions, depriving a guy who has not had a chance to lay out his view of the situation to you of a good reputation.

Because that is exactly what you do when you think that he is guilty, without a proper insight into facts: you are destroying a reputation.

So the label I gave you still holds.

Re:If others don't think the guy is innocent...

[Toonol]

I can think he's guilty without knowing he's guilty; there's no contradiction there. Having incomplete knowledge of a situation doesn't mean judgment can't be made; rarely is a judgment made any other way. The problem isn't holding an opinion, it is only holding an opinion contrary to new facts that present themselves, or believing that your opinion is certainly true. You can believe something while realizing you may be proven to be wrong. I know I'm surely wrong about some beliefs I have, but there's no belief I have that I know I'm wrong about.

Actually, you've just rebuilt the classic argument

[jeko]

...against plea-bargaining.

In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . .

Amazing. You just asserted that presumption of innocence is a reality, and in the same breath insinuated all people who go to trial are guilty. If Einstein was right, and genius is the ability to hold two contradictory ideas in your head at the same time, then your mental acuity is astonishing indeed.

The whole point of plea bargaining is to reduce the number of cases that go to trial. Plea bargaining works because you can't predict the jury's decision with certainty. If you look at the possible outcomes of plea-bargaining, it guarantees innocent men will end up in prison.

Suppose you're innocent. Suppose you're innocent, but unlucky, and the circumstances make you look guilty. Suppose you're an unpopular minority. Suppose you pray to the wrong god. Suppose you're just ugly. Suppose you just look like "that type." Suppose you don't come from around here. Suppose you've never caught a break in your life. Suppose there are any one of a million reasons why twelve random people off the street could drop you in a hole without any good reason and not lose any sleep over it.

Suppose you have children. Suppose you have family who depend on you. Suppose The Authorities come to you and tell you, "Boy, you don't push us on this, and we'll let you out in a couple of years. But if you make us go all the way, we'll make sure you don't ever see the light of day again, and when we put you in jail, we'll make sure Bubba is waiting for you with a dress."

Take a random sample of a thousand innocent men, and sure, some of those men will have the moral courage and fortitude to tell you to go to Hell and take me to trial. Some of those men will lack that courage, and take your bargain out of fear. Most of those men will run a quick and dirty risk/reward calculation in their head, and realize that the best option is to take the deal -- because that's how you arranged it.

Plea bargaining is a foul and filthy practice that guarantees a miscarriage of Justice in a certain percentage of cases. That's why not every Western nation allows it.

But your arguments have nothing to do with the facts -- they have to do with your fears. It's terrifying to live in a world where innocent men can routinely go to prison. It's terrifying to live in a world where going to prison means a good chance of rape and brutality. It's terrifying to live in a world where the authorities actually use that threat of rape against you without conscience. It's terrifying to live in a world where any random mouth-breathing high-school-droput with a badge can destroy your life with trumped-up evidence. It's terrifying to live in a world where you can hear cops threaten to club children, where you hear cops threaten to plant fake drug evidence against teenagers, where you see cops shoot prone and begging men in the back...

It's terrifying to live in a world where simply browsing YouTube can give you video evidence of all of this.

So, your cognitive dissonance blasts away at full force, and you tell yourself innocent people don't go to jail because anyone who goes to jail is not innocent. You pillow your head on that circular logic, and while you dream you live in a pretty and just world you make it that much harder for the rest of us to fix the problems...
       

Re:By Law? Sources?

[brizzadizza]

What I don't understand is why the city needed him to get the passwords? I do "Network Administration" for small businesses and typically they don't have any of the passwords from the last guy who setup their network. In these situations I've found 20minutes with an OphCrack live CD to be sufficient to gain access to windows and single user mode to reset root works for most linux/mac and go from there. I've always been told if someone has physical access to your server then they can get in. The city always had physical access right? Why couldn't they get the passwords? My knowledge of high-end networking is undoubtedly very low, but surely there must be some similar password recovery schemes yes?

And on the router end of things, do the high end cisco routers come with reset switches?

Brandno

Aw, come on, now...

[jeko]

...give us our due. We shoot plenty of people, too, and we shoot straighter than them Commies ever did.

Re:Aw, come on, now...

[Savantissimo]

we shoot straighter

That's what's referred to as "gun control" here in Texas.

proper behavior

[jipn4]

If his managers order him to disclose the passwords, that's what he has to do. It doesn't matter whether it's on national television. But he could have handled it better.

He should have put in writing that he recommended against disclosing the passwords prior to doing so and asked his managers to sign off on it (a receipt, if you will).

Afterwards, he could either have quit, or he could have stayed on and dealt with the security fallout. Quitting probably would have been the more prudent choice.

Altogether, his managers come across as complete idiots, and he comes across as a bad employee. Everybody loses.

OH won't somebody think of the Childs!

This is Childs abuse!

Madoff may be a canary

[garyebickford]

I recently listened to an interview with an ex-spook, one who had been fairly high up. It was his opinion that Madoff is not in jail because he is singing like a canary.

It turns out that a big part of the money invested was through overseas investment firms with 'anonymous' clients - read money launderers. Their clients included tax cheats, drug czars, dictators, 'princes', and other fun folks.

So, Madoff is the link to a bunch of folks the Feds would like to know about. Some of them will be targeted for legal action, others will be used in other ways - the spook suggested that some foreign rulers could be 'encouraged' to abide by US policy - or else their citizens finds out where their stolen money went.

It's also possible that this information could alter the way that whatever money still exists gets distributed.

I have no idea if any of this is true, but it is certainly an interesting prospect.

Re:Actually, you've just rebuilt the classic argum

[BitHive]

MOD PARENT UP (and adapt for future generations!)

I see what your problem is

[celtic_hackr]

You're confused, because the US legal system often uses the word justice in it's many institutions. Why they often have a statue indicating justice being blind, etc.

See, we are talking about a legal system, not really a justice system. Even though it was the original intent of the framers of the Constitution to build a just legal system. It's just simply not in the economic interest of legal professionals to have a justice system. So over the years it has changed into it's current state.

This is fucked up.

[moxley]

This is fucked that he's been locked up all this time.

I think (as I said back when this happened) that there is a lot more to this story; there were obviously political and interpersonal machinations going on that led to this situation.

I would be tempted to say that he probably should have handed over the admin passwords and walked away, but then I remembered that he did offer to do just this, but only to give them directly to the mayor - but by the time you are being ambushed in a conference room by your boss, some douchebag traitor subordinates and a cop, your future employment at said job is probably already compromised so you might as well get out - but the fact that it went to this level and that he WAS willing to release the password to the mayor AND the fact that he was willing to go to jail over this tells me that there is probably more to this.

I wish I could remember more of what I had heard right after this occurred - because I seem to remember hearing something about him knowing that something shady was going on - that someone was compromising the network or something like that and/or that it had gotten personal and that this non-technical supervisor had it out for him or something...

After everything I read at the time from people who knew this guy and had more information about this than what they've read in articles I had come to the conclusion that something integral to this situation stinks to high hell.

  It was apparent that some people found him arrogant, but hey - that isn't a crime and sometimes in this industry as many of us know, if your technical skills are way above the average skill of the people working around you sometimes that does get mistaken as arrogance - because it can be trying fixing fuckups and explaining things all of the time - sure, it would be best if everyone who had technical skills had interpersonal skills to match, but that isn't often the case.

Additionally, I don't see where he even broke the law. The network never went down, he simply refused to hand over passwords to non-technical employees - he didn't "take control of the network illegitimately" and if they wanted to fire him for not complying with management, then yeah - but pressing charges and keeping the guy in jail for 7mos - and then we have a DA that proves his fucking case by entering active logins and passwords into evidence?

Does anyone know where to where to mail Terry Childs? I'd like to send the guy some books or something - it must suck really bad to be in jail....

Re:This is fucked up.

[think_nix]

here is an archiv of the pdf's available from the public record. Some of this is really whacked. http://weblog.infoworld.com/venezia/archives/017979.html

Hate to be pedantic, but...

[avajcovec]

I don't really disagree with anything you said, but I'm still amazed that this is rated "5, Insightful" when you got the basic phrasing backwards.

It's "Innocent until proven guilty" not "Guilty until proven innocent". It may seem like a minor quibble, but when that phrase is all most people will remember, it's important to get it right.

Damn, I think you're right.

[jeko]

Yeah, I think I took that totally wrong and missed the satire. I'm so used to people in Dallas saying stuff like that and meaning every word of it, I totally missed it.

Sorry, Inda. I'll try to clean the crap outta my ears.

How dare you?

[Benfea]

Obviously, you evil communists just want to punish the most productive members of our society. Productive members like Bernie Madoff and Paris Hilton. If you want to live in a communist country so bad, you can move back to Venezuela, you terrorist-lover!

Re:Actually, you've just rebuilt the classic argum

Jeko,

You are my hero. Did you just come up with that off the top of your head? You should write speeches. There are ConLaw experts who have the same passion but 1% of the skill with rhetoric that you have.

Excellent Post!

who is gonna play them in the Movie ..

[viralMeme]

synopsis: Rogue sysadmin holds San francisco to ransom, only one man can defeat this maniac. Staring Brad Pitt as Terry Childs and Bruce Willis as James T. Ramsey ..

Weird justice system

[asamad]

Why is it if you make off with Billions of dollars like madoff you get home arrest.

But if you lock people out of a computer system and cost them maybe $5-10million you get stuck in jail.

This guys says he is innocent, madoff said he was guilty.

Got to love the american judicial system

MOD PARENT UP

[LanMan04]

This shit needs to be fixed.

Here

[Concern]

This one. There are others as well.

Defense counsel can and do say anything that comes into their heads that may help their clients. In this case, it's a dubious opinion about sentencing. Go see what Charles Manson's or Bernie Maddoff's defense attorneys suggested about their cases.

Please use "IANAL" or "I am not an attorney" when dispensing bogus legal advice, thanks.

Re:Here

[mea37]

WFH has to do with copyright. So a few problems with your claim:

1) A password isn't something you can copyright, so neither the employee nor the employer "own" the copyright on the password.

2) Let's suppose I possess a copy of a work to which you hold the copyright. (i.e. Let's ignore the first point.) Copyright restrains me from doing certain things -- such as making copies of that work -- without your permission. It does not compell me to hand my copy over to you on demand, or to disclose the information therein to you if you somehow don't have said information. Ownership of the copyright isn't the same as ownership of a copy, nor is it "ownership of the information" as some people would claim. In short, if Scot Adams calls me up and demands I hand over any Dilbert comics I might have, I don't have to comply.

Now there may be laws governing access to an employer's systems that would compell you to reveal passwords; I really don't know. I don't know at the federal level, and I sure as hell don't know what state or local laws might apply. But WFH? I think not.

Please use "IANAL" or "I am not an attorney" when dispensing bogus legal advice, thanks.

Re:Here

[Concern]

A password isn't something you can copyright, so neither the employee nor the employer "own" the copyright on the password.

Bold claim. Citations please?

In short, if Scot Adams calls me up and demands I hand over any Dilbert comics I might have, I don't have to comply.

Well argued, and correct. But...

Say you worked for him - inked a lot of his comics, something like that. Then you quit. If United Media comes to believe you have materials created during that work - physical things in your possession - you may have cops and lawyers show up and ask for them.

Now, would you say it's standard or customary to keep the only copies of passwords to major pieces of infrastructure in one's head?

Who knows. It's a crazy world. Maybe a judge could be made to believe it. Maybe not.

So, you're not handing over a thing. You never made any written materials. Or you destroyed them. Or you simply refuse to. So hard to tell the difference...

But can you imagine - are you saying you would actually claim, "the passwords are mine, not my employer's?" Or, "they are not property, cannot be owned, therefore I need not give them up?" My advice, do not go out there pro se.

Is it true this guy really gave out fake passwords? Nothing says "I'm a criminal, lock me up, judge" like playing games in that way.

Say cars all used digital locks. Numbers for keys. Say you hire someone to fix your car, they change its locks, and then, though they give you the car, won't give you the key. Like on Seinfeld - the mechanic knows better than the owner. You don't take proper care of that car. You don't deserve it. LOL.

They didn't steal from you? The password they created while working for you - not yours? I admit - if we truly think it's reasonable that their mind has the only copy, it's not a matter for copyright anymore. Not that it will get you off the hook. They'll end up on the hook for other crimes instead... but I still find copyright instructive in this case.

Citation given

[Concern]

Passwords are intellectual property and governed under the Work for Hire provisions of copyright law.

Don't take my word for it. Ask an attorney.

Or just ask yourself how you ever replace your network or system admins if they don't feel like letting you?

Sure, story of my life

[jeko]

I finally get fan mail and it's from an AC. :-)

Actually, it's easy. Spend a childhood of Sundays listening to endless variations on "Sinners in the Hands of an Angry God" and "It's Friday ... but Sunday's Coming" (a classic old Crucifixion/Easter dichotomy) and you could belt out a pretty mean spur-of-the-moment sermon too.

Re:Actually, you've just rebuilt the classic argum

[ffflala]

Both you and GP post are assuming that the remaining 95% of cases either result in guilty please or the charges being dropped. You actually need to correlate arrest figures with charges filed/dropped to conclude either way, and neither of you mentions having done so. You can find such records here, I think: http://www.ojp.usdoj.gov/bjs/dtdata.htm

Abuses certainly happen, and are terrifying. I recently saw a wrongly convicted man speak; he'd been on death row for 19 years before being freed. His situation was traced to a notorious forensic examiner in Oklahoma. Still, I don't think a general conclusion on either side is appropriate before determining the actual figures.

I certainly don't think that having good faith that at least the criminal justice system is SUPPOSED to keep innocent people out of jail goes as far as cognitive dissonance. If you believe that there should in fact be justice, you certainly stand a better chance of doing something to improve the imperfect, and often horrifying errors of injustice.

probably a bad sign for Childs

[ffflala]

I'd like to think his defense is reasonable, but then I thought the same thing about Reiser's case.

Legal Defense

What I want to know is where is the EFF with all of this happening? This whole case is insane. The only reason its happening is that it involves a government network and government people that don't know what they are talking about. If it were a corporate network, they would have just fired him if they didn't like how he handled it. Prosecution would only come from real illegal access.

Rouge Admin

A Rogue Admin is a versatile character, capable of sneaky combat and nimble tricks. The Rogue Admin is stealthy and dextrous, and currently the only official base class from the Player's Handbook capable of finding and disarming many traps and picking locks. The Rogue Admin also has the ability to "sneak attack" ("backstab" in previous editions) enemies who are caught off-guard or taken by surprise, inflicting extra damage.

The chain of command wasn't clear here

[dbIII]

However you have a responsibility to the organisation and not to the bosses 2nd cousin who thanks to years of playing quake is appointed to be the new "security consultant" and wants the passwords to "poke around". It's being stuck in a situation where you know a person is going to damage things badly and you know you are the person that is going to take the blame for some dramatic resume destroying stuff.

There's being professional and then there is trying to keep your job by grovelling to clueless neo-fuedalistic masters which appears to be the situation here. In most places you can go sideways or up the tree to get stupidity repealed but if you have a situation where blind loyalty overrides production you are screwed.

Re:The chain of command wasn't clear here

[dbIII]

I should have said "appears to be the choice here".

It will be interesting when more comes out at the trial

Re:Actually, you've just rebuilt the classic argum

"any random mouth-breathing high-school-droput"

You are spreading fear yourself. For what reason? With unfounded crap about _any_ highschool dropout being able to do that you just show your personal bias that has absolutely nothing to do with facts either.